Boundary Point Jail A new way to break the strongest AI defences (www.aisi.gov.uk)

A team of AI researchers has unveiled Boundary Point Jailbreaking (BPJ), an automated method capable of breaching sophisticated AI defenses, specifically targeting Anthropic's Constitutional Classifiers and OpenAI's GPT-5 input classifier. This groundbreaking approach, which operates in 'black-box' environments where attackers have limited information access, has successfully developed universal jailbreaks against both systems—demonstrating a remarkable effectiveness that surpasses previous manual attack efforts. BPJ employs innovative strategies such as curriculum learning and boundary point search to enhance attack optimization substantially, outperforming earlier methods significantly by finding successful outputs approximately five times faster. The significance of BPJ extends beyond the technical achievements; it highlights the ongoing arms race between AI developers and attackers, emphasizing the need for more robust defense mechanisms. Current single-interaction defenses can be easily bypassed, suggesting a shift toward batch-level monitoring systems that analyze patterns over multiple interactions. By sharing BPJ’s methodology, the research community aims to raise awareness about potential vulnerabilities in AI systems and encourages developers to strengthen their security measures proactively. This collaboration between AI researchers and companies marks an essential step toward creating safer, more secure AI technologies.