The Potential for AI to Manipulate Elections

Connect the Dots: Knowledge Graph-Guided Crawler Attack on Retrieval-Augmented Generation Systems

Stealing attacks pose a persistent threat to the intellectual property of deployed machine-learning systems. Retrieval-augmented generation (RAG) intensifies this risk by extending the attack surface beyond model weights to knowledge base that often contains IP-bearing assets such as proprietary runbooks, curated domain collections, or licensed documents. Recent work shows that multi-turn questioning can gradually steal corpus content from RAG systems, yet existing attacks are largely heuristic and often plateau early. We address this gap by formulating RAG knowledge-base stealing as an adaptive stochastic coverage problem (ASCP), where each query is a stochastic action and the goal is to maximize the conditional expected marginal gain (CMG) in corpus coverage under a query budget. Bridging ASCP to real-world black-box RAG knowledge-base stealing raises three challenges: CMG is unobservable, the natural-language action space is intractably large, and feasibility constraints require stealthy queries that remain effective under diverse architectures. We introduce RAGCrawler, a knowledge graph-guided attacker that maintains a global attacker-side state to estimate coverage gains, schedule high-value semantic anchors, and generate non-redundant natural queries. Across four corpora and four generators with BGE retriever, RAGCrawler achieves 66.8% average coverage (up to 84.4%) within 1,000 queries, improving coverage by 44.90% relative to the strongest baseline. It also reduces the queries needed to reach 70% coverage by at least 4.03x on average and enables surrogate reconstruction with answer similarity up to 0.699. Our attack is also scalable to retriever switching and newer RAG techniques like query rewriting and multi-query retrieval. These results highlight urgent needs to protect RAG knowledge assets.

AI’s Diminishing Returns  : Avoiding the Overreliance Trap in BFSI

When AI Becomes a Cost Center

What OpenClaw’s Security Disasters Teach Us About the Future of AI Agents

100K GitHub stars. Thousands of exposed servers. A $16M crypto scam. The age of autonomous AI agents is here — and nobody is ready.

Fake AI extensions on the Chrome Web Store harvest Gmail and browsing data

Malicious Chrome extensions exploit the surge in popularity of generative AI tools to deploy spyware that steals browsing and Gmail data.

AI Safety Leader Leaves Job, Says World is in Danger, Will Study Poetry

An AI safety expert from Anthropic has quit his job. He says the world is in danger and he will now study poetry. This happens after a new AI model was released.

Replacing humans with machines is leaving truckloads of food stranded and unusable | The-14

Automation in food supply chains is creating hidden risks. When digital systems fail, truckloads of food sit stranded, exposing fragile infrastructure gaps.

Stop Making AI Learn From Us

In December 2024, researchers at Anthropic published findings that should terrify anyone who believes...

AI Is Rapidly Rendering Cyber Defenses Obsolete

Rapid enterprise adoption of artificial intelligence is outpacing organizations’ ability to secure their operations, according to a new in...