[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-how-domain-specific-abliteration-targets-ai-safety-refusals":10,"sections":40},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":30,"tags":31,"sources":35,"feedback":39,"feedback_at":22,"cost_usd":39,"total_tokens":39},3758,"how-domain-specific-abliteration-targets-ai-safety-refusals","How Domain-Specific Abliteration Targets AI Safety Refusals","Researchers tested abliteration on 24 open-source LLMs and found they could strip cybersecurity-domain refusals without removing broader safety behavior.","Researchers say they can surgically remove AI safety refusals in cybersecurity contexts while leaving broader restrictions intact.\n\nA new paper tested abliteration — a technique that edits a model's internal representation of \"refusal\" — across 24 open-source large language models, including the trillion-parameter Kimi K2. The core finding: safety refusals are not a single switch. They occupy a multi-dimensional subspace distributed across many layers, particularly in large mixture-of-experts architectures. The team found they could target only the slice of that subspace associated with cybersecurity-specific harmful concepts, leaving other safety behaviors untouched.\n\nThis matters because blanket safety alignment is a real friction point for legitimate security work — penetration testers, red teamers, and security researchers regularly hit refusals on queries that are entirely authorized in their context. If domain-specific abliteration works reliably, it could give security tooling vendors a principled path to customizing open-source models without nuking every guardrail in the process. The researchers also ranked 24 models into three susceptibility tiers and identified safety training type and model architecture as the strongest predictors of how a model responds to the intervention.\n\nThe caveat writes itself: a technique that selectively removes refusals for one domain is only as trustworthy as the operator defining the domain boundary, and that line tends to move once it becomes a product feature.","[\"ai\",\"security\",\"llms\",\"open-source\"]","2026-07-07T04:00:00.000Z","2026-07-07T07:42:26.802Z","2026-07-07T07:42:29.626Z","published",null,[24],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"The dek contains a typo in a key term ('abliterated' instead of 'abliterated' is fine, but 'abliterated' is used where the technical term is 'abliteration' — more critically, 'abliterated safety refusals' misrepresents the finding, which is about domain-specific removal, not wholesale removal; fix the dek to accurately reflect the scoped finding, and verify 'abliterated' is not a misspelling of the intended verb 'ablated' or confirm 'abliterate\u002Fabliteration' is the paper's own terminology before","resolved","security",[32,30,33,34],"ai","llms","open-source",[36],{"name":37,"url":38},"arXiv cs.AI","https:\u002F\u002Farxiv.org\u002Fabs\u002F2607.02714",0,{"sections":41},[42,46,50,55,60,65,70,75,80,84,89,93,98,103],{"name":43,"slug":32,"count":44,"latest_published_at":45},"AI",2590,"2026-07-16T04:00:00.000Z",{"name":47,"slug":30,"count":48,"latest_published_at":49},"Security",294,"2026-07-15T19:59:48.000Z",{"name":51,"slug":52,"count":53,"latest_published_at":54},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":56,"slug":57,"count":58,"latest_published_at":59},"Policy","policy",158,"2026-07-16T00:02:48.000Z",{"name":61,"slug":62,"count":63,"latest_published_at":64},"Hardware","hardware",122,"2026-07-14T19:46:26.000Z",{"name":66,"slug":67,"count":68,"latest_published_at":69},"Consumer Tech","consumer-tech",93,"2026-07-13T13:20:48.000Z",{"name":71,"slug":72,"count":73,"latest_published_at":74},"Software","software",70,"2026-07-13T19:52:25.000Z",{"name":76,"slug":77,"count":78,"latest_published_at":79},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":81,"slug":82,"count":83,"latest_published_at":18},"Dev Tools","dev-tools",59,{"name":85,"slug":86,"count":87,"latest_published_at":88},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":90,"slug":91,"count":87,"latest_published_at":92},"Startups","startups","2026-06-29T20:55:50.000Z",{"name":94,"slug":95,"count":96,"latest_published_at":97},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":99,"slug":100,"count":101,"latest_published_at":102},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":104,"slug":105,"count":106,"latest_published_at":107},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]