Haolin Wu

LLMs can be jailbroken with 90% success by subtly "salami slicing" harmful intent across multiple turns, even against state-of-the-art models like GPT-4o and Gemini.

A single malicious message can trigger a self-replicating worm, ClawWorm, that autonomously infects and propagates across entire LLM agent ecosystems, even surviving agent restarts.