Lukas Struppek

Open-weight LLMs are systematically vulnerable to prefill attacks, a largely unexplored attack vector that bypasses internal safeguards even in state-of-the-art reasoning models.