Maksym Andriushchenko

🙌 It's been a pleasure to participate in this project alongside so many amazing experts!

3/3

This is the first key update before the release of the full report early next year. Both this update and the upcoming report discuss the critically important topics of AI risks and capabilities in a balanced way, carefully weighing all available scientific evidence.

2/3

📣 Incredibly excited to participate in writing the International AI Safety Report, chaired by Yoshua Bengio, as chapter lead for the capabilities chapter!

⚖️ AI is progressing so rapidly that yearly updates are no longer sufficient.

1/3

YouTube video by Friday Talks Tübingen AI Safety and Alignment - [Maksym Andriushchenko]

A new recording of our FridayTalks@Tübingen series is online!

AI Safety and Alignment
by
@maksym-andr.bsky.social

Watch here: youtu.be/7WRW8MDQ8bk

Thank you so much, Nicolas! :)

We believe getting this—some may call it "AGI"—right is one of the most important challenges of our time.

Join us on this journey!

11/11

Taking this into account, we are only interested in studying methods that are general and scale with intelligence and compute. Everything that helps to advance their safety and alignment with societal values is relevant to us.

10/n

Broader vision. Current machine learning methods are fundamentally different from what they used to be pre-2022. The Bitter Lesson summarized and predicted this shift very well back in 2019: "general methods that leverage computation are ultimately the most effective".

9/n

... —literally anything that can be genuinely useful for other researchers and the general public.

8/n

Research style. We are not necessarily interested in getting X papers accepted at NeurIPS/ICML/ICLR. We are interested in making an impact: this can be papers (and NeurIPS/ICML/ICLR are great venues), but also open-source repositories, benchmarks, blog posts, even social media posts ...

7/n

For more information about research topics relevant to our group, please check the following documents:
- International AI Safety Report,
- An Approach to Technical AGI Safety and Security by DeepMind,
- Open Philanthropy’s 2025 RFP for Technical AI Safety Research.

6/n

We're also interested in rigorous AI evaluations and informing the public about the risks and capabilities of frontier AI models. Additionally, we aim to advance our understanding of how AI models generalize, which is crucial for ensuring their steerability and reducing associated risks.

5/n

Research group. We will focus on developing algorithmic solutions to reduce harms from advanced general-purpose AI models. We're particularly interested in alignment of autonomous LLM agents, which are becoming increasingly capable and pose a variety of emerging risks.

4/n

Expression of Interest: AI Safety and Alignment Group (Maksym Andriushchenko) Hi 👋! My name is Maksym Andriushchenko. I'm starting my research group at the ELLIS Institute Tübingen and Max Planck Institute for Intelligent Systems in September 2025 that focuses on AI safety and ...

Please fill the Google form forms.gle/GJB9bp7gRXAf... if you're interested!

3/n

Hiring. I'm looking for multiple PhD students: both those able to start in Fall 2025 and through centralized programs like CLS, IMPRS, and ELLIS (the deadlines are in November) to start in Spring–Fall 2026. I'm also searching for postdocs, master's thesis students, and research interns.

2/n

🚨 Incredibly excited to share that I'm starting my research group focusing on AI safety and alignment at the ELLIS Institute Tübingen and Max Planck Institute for Intelligent Systems in September 2025! 🚨

1/n

GitHub - tml-epfl/os-harm: OS-Harm: A Benchmark for Measuring Safety of Computer Use Agents OS-Harm: A Benchmark for Measuring Safety of Computer Use Agents - tml-epfl/os-harm

This is joint work with amazing collaborators: Thomas Kuntz, Agatha Duzan, Hao Zhao, Francesco Croce, Zico Kolter, and Nicolas Flammarion.

It will be presented as an oral at the WCUA workshop at ICML 2025!

Paper: arxiv.org/abs/2506.14866
Code: github.com/tml-epfl/os-...

Main findings based on frontier LLMs:
- They directly comply with _many_ deliberate misuse queries
- They are relatively vulnerable even to _static_ prompt injections
- They occasionally perform unsafe actions

🚨Excited to release OS-Harm! 🚨

The safety of computer use agents has been largely overlooked.

We created a new safety benchmark based on OSWorld for measuring 3 broad categories of harm:
1. deliberate user misuse,
2. prompt injections,
3. model misbehavior.

Paper link: josh-freeman.github.io/resources/ny....

This is joint work with amazing collaborators: Joshua Freeman, Chloe Rippe, and Edoardo Debenedetti.

🧵3/n

3. However, the memorized articles cited in the NYT lawsuit were clearly cherry-picked—random NYT articles have not been memorized.

4. We also provide a legal analysis of this case in light of our findings.

We will present this work at the Safe Gen AI Workshop at NeurIPS 2024 on Sunday.

🧵2/n

🚨Excited to share our new work!

1. Not only GPT-4 but also other frontier LLMs have memorized the same set of NYT articles from the lawsuit.

2. Very large models, particularly with >100B parameters, have memorized significantly more.

🧵1/n

Exploring Memorization and Copyright Violation in Frontier LLMs: A... Copyright infringement in frontier large language models (LLMs) has received much attention recently due to the case NYT v. Microsoft, filed in December 2023. The New York Times claims that GPT-4...

3. Exploring Memorization and Copyright Violation in Frontier LLMs: A Study of the New York Times v. OpenAI 2023 Lawsuit (openreview.net/forum?id=C66...)

Thanks to the amazing collaborators for making all these works possible!

🧵4/4

Improving Alignment and Robustness with Circuit Breakers AI systems can take harmful actions and are highly vulnerable to adversarial attacks. We present an approach, inspired by recent advances in representation engineering, that interrupts the models as t...

3. Improving Alignment and Robustness with Circuit Breakers (arxiv.org/abs/2406.04313)

Workshops:
1. Does Refusal Training in LLMs Generalize to the Past Tense? (arxiv.org/abs/2407.11969)
2. Is In-Context Learning Sufficient for Instruction Following in LLMs? (arxiv.org/abs/2405.19874)

🧵3/4

Why Do We Need Weight Decay in Modern Deep Learning? Weight decay is a broadly used technique for training state-of-the-art deep networks from image classification to large language models. Despite its widespread usage and being extensively studied in t...

Here are the 6 papers that we are presenting at NeurIPS 2024:

Main track:
1. Why Do We Need Weight Decay in Modern Deep Learning? (arxiv.org/abs/2310.04415)
2. JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models (arxiv.org/abs/2404.01318)

🧵2/4

📢 I'll be at NeurIPS 🇨🇦 from Tuesday to Sunday!

Let me know if you're also coming and want to meet. Would love to discuss anything related to AI safety/generalization.

Also, I'm on the academic job market, so would be happy to discuss that as well! My application package: andriushchenko.me.

🧵1/4

Mindblowing: EPFL PhD student @maksym-andr.bsky.social, winner of best CS thesis award, showed that leading hashtag#AI models are not robust to simple adaptive jailbreaking attacks. Indeed, he managed to jailbraik all models with a 100% success rate 🤯

Jailbraking paper: arxiv.org/abs/2404.02151

really feels like Twitter circa 2018. good old days... 😀