@maksym-andr.bsky.social
Faculty at the ELLIS Institute Tübingen and Max Planck Institute for Intelligent Systems. Leading the AI Safety and Alignment group. PhD from EPFL supported by Google & OpenPhil PhD fellowships. More details: https://www.andriushchenko.me/
Are AI systems learning to “game” their safety tests?
The UK’s Department for Science, Innovation and Technology has awarded a grant to Principal Investigators Sahar Abdelnabi, @maksym-andr.bsky.social, and @jonasgeiping.bsky.social.
Find out more: institute-tue.ellis.eu/en/news/elli...
The ELLIS Institute is proud to announce that Coefficient Giving is supporting our Principal Investigator Maksym Andriushchenko with a grant of $1,000,000 to fund his research on AI safety.
Find out more on our website: institute-tue.ellis.eu/en/news/pi-m...
👏 Give a big round of applause to our 2025 PhD Award Winners!
The two main winners are: @zhijingjin.bsky.social & @maksym-andr.bsky.social.
Two runners-up were selected additionally: Siwei Zhang & Elias Frantar
Learn even more about each outstanding scientist: https://bit.ly/4pm2Eji
🙌 It's been a pleasure to participate in this project alongside so many amazing experts!
3/3
This is the first key update before the release of the full report early next year. Both this update and the upcoming report discuss the critically important topics of AI risks and capabilities in a balanced way, carefully weighing all available scientific evidence.
2/3
📣 Incredibly excited to participate in writing the International AI Safety Report, chaired by Yoshua Bengio, as chapter lead for the capabilities chapter!
⚖️ AI is progressing so rapidly that yearly updates are no longer sufficient.
1/3
![AI Safety and Alignment - [Maksym Andriushchenko]](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:lf7pelyqhcozozng2zrl2wxx/bafkreihyvlpespqgl72lrutg3526tovcj6jrnuxmwizp6lt5l3xugrh7gy@jpeg)
A new recording of our FridayTalks@Tübingen series is online!
AI Safety and Alignment
by
@maksym-andr.bsky.social
Watch here: youtu.be/7WRW8MDQ8bk
Thank you so much, Nicolas! :)
06.08.2025 19:35 — 👍 0 🔁 0 💬 0 📌 0We believe getting this—some may call it "AGI"—right is one of the most important challenges of our time.
Join us on this journey!
11/11
Taking this into account, we are only interested in studying methods that are general and scale with intelligence and compute. Everything that helps to advance their safety and alignment with societal values is relevant to us.
10/n
Broader vision. Current machine learning methods are fundamentally different from what they used to be pre-2022. The Bitter Lesson summarized and predicted this shift very well back in 2019: "general methods that leverage computation are ultimately the most effective".
9/n
... —literally anything that can be genuinely useful for other researchers and the general public.
8/n
Research style. We are not necessarily interested in getting X papers accepted at NeurIPS/ICML/ICLR. We are interested in making an impact: this can be papers (and NeurIPS/ICML/ICLR are great venues), but also open-source repositories, benchmarks, blog posts, even social media posts ...
7/n
For more information about research topics relevant to our group, please check the following documents:
- International AI Safety Report,
- An Approach to Technical AGI Safety and Security by DeepMind,
- Open Philanthropy’s 2025 RFP for Technical AI Safety Research.
6/n
We're also interested in rigorous AI evaluations and informing the public about the risks and capabilities of frontier AI models. Additionally, we aim to advance our understanding of how AI models generalize, which is crucial for ensuring their steerability and reducing associated risks.
5/n
Research group. We will focus on developing algorithmic solutions to reduce harms from advanced general-purpose AI models. We're particularly interested in alignment of autonomous LLM agents, which are becoming increasingly capable and pose a variety of emerging risks.
4/n
Please fill the Google form forms.gle/GJB9bp7gRXAf... if you're interested!
3/n
Hiring. I'm looking for multiple PhD students: both those able to start in Fall 2025 and through centralized programs like CLS, IMPRS, and ELLIS (the deadlines are in November) to start in Spring–Fall 2026. I'm also searching for postdocs, master's thesis students, and research interns.
2/n
🚨 Incredibly excited to share that I'm starting my research group focusing on AI safety and alignment at the ELLIS Institute Tübingen and Max Planck Institute for Intelligent Systems in September 2025! 🚨
1/n
This is joint work with amazing collaborators: Thomas Kuntz, Agatha Duzan, Hao Zhao, Francesco Croce, Zico Kolter, and Nicolas Flammarion.
It will be presented as an oral at the WCUA workshop at ICML 2025!
Paper: arxiv.org/abs/2506.14866
Code: github.com/tml-epfl/os-...
Main findings based on frontier LLMs:
- They directly comply with _many_ deliberate misuse queries
- They are relatively vulnerable even to _static_ prompt injections
- They occasionally perform unsafe actions
🚨Excited to release OS-Harm! 🚨
The safety of computer use agents has been largely overlooked.
We created a new safety benchmark based on OSWorld for measuring 3 broad categories of harm:
1. deliberate user misuse,
2. prompt injections,
3. model misbehavior.
Paper link: josh-freeman.github.io/resources/ny....
This is joint work with amazing collaborators: Joshua Freeman, Chloe Rippe, and Edoardo Debenedetti.
🧵3/n
3. However, the memorized articles cited in the NYT lawsuit were clearly cherry-picked—random NYT articles have not been memorized.
4. We also provide a legal analysis of this case in light of our findings.
We will present this work at the Safe Gen AI Workshop at NeurIPS 2024 on Sunday.
🧵2/n
🚨Excited to share our new work!
1. Not only GPT-4 but also other frontier LLMs have memorized the same set of NYT articles from the lawsuit.
2. Very large models, particularly with >100B parameters, have memorized significantly more.
🧵1/n
3. Exploring Memorization and Copyright Violation in Frontier LLMs: A Study of the New York Times v. OpenAI 2023 Lawsuit (openreview.net/forum?id=C66...)
Thanks to the amazing collaborators for making all these works possible!
🧵4/4
3. Improving Alignment and Robustness with Circuit Breakers (arxiv.org/abs/2406.04313)
Workshops:
1. Does Refusal Training in LLMs Generalize to the Past Tense? (arxiv.org/abs/2407.11969)
2. Is In-Context Learning Sufficient for Instruction Following in LLMs? (arxiv.org/abs/2405.19874)
🧵3/4
Here are the 6 papers that we are presenting at NeurIPS 2024:
Main track:
1. Why Do We Need Weight Decay in Modern Deep Learning? (arxiv.org/abs/2310.04415)
2. JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models (arxiv.org/abs/2404.01318)
🧵2/4
📢 I'll be at NeurIPS 🇨🇦 from Tuesday to Sunday!
Let me know if you're also coming and want to meet. Would love to discuss anything related to AI safety/generalization.
Also, I'm on the academic job market, so would be happy to discuss that as well! My application package: andriushchenko.me.
🧵1/4
Mindblowing: EPFL PhD student @maksym-andr.bsky.social, winner of best CS thesis award, showed that leading hashtag#AI models are not robust to simple adaptive jailbreaking attacks. Indeed, he managed to jailbraik all models with a 100% success rate 🤯
Jailbraking paper: arxiv.org/abs/2404.02151
