[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-the-llm-security-problem-is-bigger-than-the-model":10,"sections":34},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":24,"tags":25,"sources":29,"feedback":33,"feedback_at":22,"cost_usd":33,"total_tokens":33},3107,"the-llm-security-problem-is-bigger-than-the-model","The LLM Security Problem Is Bigger Than the Model","A new survey maps vulnerabilities across the full LLM stack — from data collection to autonomous agents — and finds that point defenses are not enough.","LLM security research has a scope problem, and a new survey published on arXiv tries to fix it.\n\nResearchers systematized the existing literature on large language model vulnerabilities not by attack name, but by where in the system the attack lands. The paper organizes risks across eight stages: data collection, pretraining, post-training alignment, model packaging and supply chain, retrieval and memory, prompting and inference, tool and agent execution, and deployment and maintenance. The core argument is that the threat surface is no longer the model weights in isolation — it is the entire lifecycle through which prompts, data, tools, memory, and user authority interact. As LLMs get embedded in retrieval pipelines, coding environments, robotic systems, and autonomous agents that can call APIs, write files, and execute code, the attack surface expands with each new integration.\n\nThe framing matters because most current defenses are designed for a narrower problem. The survey finds that point defenses — guardrails, filters, output sanitizers applied at a single stage — rarely compose well across the full stack. When untrusted data can become an executable instruction and delegated authority can amplify a model error, a defense that works at the prompt layer may be bypassed at the retrieval or tool-call layer.\n\nThe research agenda the authors close with — provenance-aware retrieval, tool-call containment, long-horizon agent evaluation, realistic red teaming — reads less like a wish list and more like a checklist of things the industry has largely shipped around rather than solved. Vendors routinely announce agentic features; systematic security evaluation of those features lags well behind the release cadence.","[\"ai\",\"security\",\"llm\",\"research\"]","2026-07-01T04:00:00.000Z","2026-07-01T07:25:46.784Z","2026-07-01T07:25:49.782Z","published",null,[],"ai",[24,26,27,28],"security","llm","research",[30],{"name":31,"url":32},"arXiv cs.AI","https:\u002F\u002Farxiv.org\u002Fabs\u002F2606.31639",0,{"sections":35},[36,40,44,49,54,59,64,69,74,79,84,88,93,98],{"name":37,"slug":24,"count":38,"latest_published_at":39},"AI",2590,"2026-07-16T04:00:00.000Z",{"name":41,"slug":26,"count":42,"latest_published_at":43},"Security",294,"2026-07-15T19:59:48.000Z",{"name":45,"slug":46,"count":47,"latest_published_at":48},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":50,"slug":51,"count":52,"latest_published_at":53},"Policy","policy",158,"2026-07-16T00:02:48.000Z",{"name":55,"slug":56,"count":57,"latest_published_at":58},"Hardware","hardware",122,"2026-07-14T19:46:26.000Z",{"name":60,"slug":61,"count":62,"latest_published_at":63},"Consumer Tech","consumer-tech",93,"2026-07-13T13:20:48.000Z",{"name":65,"slug":66,"count":67,"latest_published_at":68},"Software","software",70,"2026-07-13T19:52:25.000Z",{"name":70,"slug":71,"count":72,"latest_published_at":73},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":75,"slug":76,"count":77,"latest_published_at":78},"Dev Tools","dev-tools",59,"2026-07-07T04:00:00.000Z",{"name":80,"slug":81,"count":82,"latest_published_at":83},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":85,"slug":86,"count":82,"latest_published_at":87},"Startups","startups","2026-06-29T20:55:50.000Z",{"name":89,"slug":90,"count":91,"latest_published_at":92},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":94,"slug":95,"count":96,"latest_published_at":97},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":99,"slug":100,"count":101,"latest_published_at":102},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]