VentureBeat January 23, 2026
Louis Columbus

Security teams are buying AI defenses that don’t work. Researchers from OpenAI, Anthropic, and Google DeepMind published findings in October 2025 that should stop every CISO mid-procurement. Their paper, “The Attacker Moves Second: Stronger Adaptive Attacks Bypass Defenses Against Llm Jailbreaks and Prompt Injections,” tested 12 published AI defenses, with most claiming near-zero attack success rates. The research team achieved bypass rates above 90% on most defenses. The implication for enterprises is stark: Most AI security products are being tested against attackers that don’t behave like real attackers.

The team tested prompting-based, training-based, and filtering-based defenses under adaptive attack conditions. All collapsed. Prompting defenses achieved 95% to 99% attack success rates under adaptive attacks. Training-based methods fared no better, with...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: AI (Artificial Intelligence), Cybersecurity, Technology
Related Articles:
The Download: OpenAI’s plans for science, and chatbot age verification
Around the nation: Amazon's One Medical launches new AI chatbot
The Medical Futurist’s 100 Digital Health And AI Companies Of 2026
Physician assistants say paperwork and AI training still lag
More Data Isn’t Always Better for AI Decisions

Share Article