Overview
Severity: HIGH | Affected: OpenAI, Google, Anthropic | Category: research
A new paper published by researchers at Carnegie Mellon University details a sophisticated jailbreak technique named 'Semantic Doppelgänger'. The attack leverages complex linguistic structures and culturally specific analogies to mask malicious instructions within seemingly benign prompts. Current AI safety filters, which primarily rely on keyword detection and simple intent analysis, fail to recognize the harmful underlying request. The technique was successfully demonstrated against leading models, including OpenAI's GPT-5, Google's Gemini 2, and Anthropic's Claude 4, consistently generating harmful, biased, or restricted content. The research highlights a significant gap in AI safety, showing that models can be tricked by exploiting their nuanced understanding of language against their own safety protocols. The authors call for a new generation of safety mechanisms that incorporate deeper contextual and cultural awareness to defend against such adversarial attacks.