机器之心

NeurIPS 2025 | Breaking closed-source multimodal large models: a new adversarial attack method based on optimal feature alignment
机器之心· 2025-10-17 04:09
In recent years, multimodal large language models (MLLMs) have made remarkable breakthroughs, showing strong capabilities in visual understanding, cross-modal reasoning, image captioning and other tasks. However, as these models are widely deployed, their potential security risks are drawing increasing attention. Research shows that MLLMs inherit the adversarial vulnerability of their visual encoders and are easily fooled by adversarial examples. In real-world applications, such adversarial examples can cause a model to produce wrong outputs or leak sensitive information, posing a serious hazard to the secure deployment of large-scale models. Against this background, how to improve the transferability of adversarial attacks, that is, whether adversarial examples remain effective across models and especially across closed-source models, has become a key open problem. However, when facing powerful closed-source commercial models such as GPT-4 and Claude-3, the transfer performance of existing attack methods drops significantly. The reason is that these methods usually align only global features (such as CLIP's [CLS] token) and ignore the rich local information contained in image patch tokens, leading to insufficient feature alignment and limited transferability. To address this, the paper proposes a new targeted transfer-based adversarial attack framework called FOA-Attack (Feature Optimal Alignment Attack). Its core idea is to achieve optimal feature alignment at both the global and the local level simultaneously, thereby significantly improving ...
Euclid's gift: enhancing spatial perception and reasoning in vision-language models through geometric proxy tasks
机器之心· 2025-10-17 02:11
Core Insights
- The article discusses the limitations of current multimodal large language models (MLLMs) in spatial intelligence, highlighting that even advanced models struggle with basic spatial tasks that children can perform easily [2][5]
- A new approach is proposed, focusing on geometric problems as a means to enhance spatial perception and reasoning in vision-language models [6][8]
Group 1: Limitations of Current Models
- Despite significant advancements, state-of-the-art MLLMs still lack true spatial intelligence, often making errors in tasks like counting objects or identifying nearby items [2][5]
- Over 70% of errors in spatial reasoning tasks stem from the models' inability to infer spatial phenomena rather than deficiencies in visual recognition or language processing [5]
Group 2: Proposed Solutions
- The research team aims to improve model performance by learning from a broader range of spatial phenomena, moving beyond single dataset limitations [5][8]
- The study introduces a new dataset, Euclid30K, containing 29,695 geometric problems, which is designed to enhance the models' spatial reasoning capabilities [12][13]
Group 3: Geometric Problems as Proxies
- Solving geometric problems requires skills such as shape recognition, spatial relationship inference, and multi-step logical reasoning, which are also essential for spatial perception tasks [10]
- Evidence from educational psychology suggests a strong correlation between geometric problem-solving and spatial intelligence, indicating that targeted practice can enhance spatial abilities [10]
Group 4: Dataset Characteristics
- The Euclid30K dataset includes a diverse range of geometric problems, with a total of 29,695 questions, including 18,577 plane geometry and 11,118 solid geometry questions [13]
- The dataset was meticulously curated to ensure high quality, with answers verified for accuracy [12][13]
Group 5: Model Training and Results
- The models were trained using standard GRPO methods, and results showed performance improvements across various benchmarks after training with geometric problems [15][17]
- A causal ablation study confirmed that the performance gains were attributable to the geometric tasks rather than other factors like algorithm design or data volume [17]
A real-time 3D universe on a single GPU: Fei-Fei Li's world model delivers a stunning new result
机器之心· 2025-10-17 02:11
机器之心 report, 机器之心 editorial team. A single-GPU world model is here. World Labs, the startup founded by Stanford professor Fei-Fei Li, has released another new result! Last month, World Labs released the spatial intelligence model Marble, which "generates a persistent 3D world from just one image, larger and more impressive than ever before." Today, RTFM, a generative world model that runs in real time, runs continuously and maintains 3D consistency, has arrived, and it runs on a single H100 GPU. RTFM stands for "Real-Time Frame Model". According to the official description, RTFM does not explicitly build a 3D representation of the world. Instead, it takes one or more 2D images as input and directly generates new 2D images of the same scene from different viewpoints. Technically, RTFM can be seen as a learned renderer: it is an end-to-end trained autoregressive diffusion Transformer, trained on large-scale video data, which learns to model 3D geometry, reflections, shadows and other effects purely by observing the samples in the training set. In addition, RTFM can also be used to reconstruct real-world scenes from sparsely captured photos. The World Labs team believes that generative world models will inevitably demand computing power, possibly scaling beyond what today's LLMs ...
Are RAG and search agents no longer enough? Apple's DeepMMSearch-R1 enters the new battlefield of multimodal search
机器之心· 2025-10-17 02:11
机器之心 report, editor: 杜伟. Apple has really been "prolific" lately! In the past few days, Apple found a new way to empower multimodal large language models (MLLMs) in multimodal web search. In real-world applications, an MLLM needs to access external knowledge sources and respond in real time to dynamically changing real-world information in order to handle information-retrieval and knowledge-intensive user queries. Current approaches such as retrieval-augmented generation (RAG), search agents and multimodal large models equipped with search tools often suffer from rigid pipelines, excessive search calls and poorly constructed search queries, leading to low efficiency and unsatisfactory results. To overcome the limitations exposed in earlier work, Apple proposes the DeepMMSearch-R1 model. The model can perform multi-round web searches on demand and dynamically generate queries for both text and image search tools, as shown in Figure 1 (right). Specifically, DeepMMSearch-R1 can adaptively generate and refine text search queries over multiple rounds through self-reflection and self-correction, using the retrieved content as feedback and combining it with the original question to improve. To improve image search, Apple introduces an intermediate image-cropping tool (Grounding DINO) to handle background noise and distracting visual entities. In the process, DeepMMSearch-R1 first generates a referring expression for the visual entity most relevant to the question ...
Apple loses another AI executive: Tsinghua alumnus Ke Yang joins Meta
机器之心· 2025-10-16 07:34
机器之心 report. Today, according to Bloomberg, Ke Yang, head of Apple's AKI (Answers, Knowledge and Information) team, has left the company to join Meta Superintelligence Labs, where he will work on turning AI into consumer products. 机器之心 editorial team. Another Apple executive has departed. The timing of the departure is surprising: Ke Yang was appointed head of the team only weeks ago. The AKI team Ke Yang led is relatively new, formed earlier this year, and was mainly responsible for advancing Apple's internal ChatGPT-like AI search project, which aims to ...
When search agents meet unreliable search results: Tsinghua team unveils the automated red-teaming framework SafeSearch
机器之心· 2025-10-16 07:34
Core Insights
- The article discusses the vulnerabilities of large language model (LLM)-based search agents, emphasizing that while they can access real-time information, they are susceptible to unreliable web sources, which can lead to the generation of unsafe outputs [2][7][26].
Group 1: Search Agent Vulnerabilities
- A real-world case is presented where a developer lost $2,500 due to a search error involving unreliable code from a low-quality GitHub page, highlighting the risks associated with trusting search results [4].
- The research identifies that 4.3% of nearly 9,000 search results from Google were deemed suspicious, indicating a prevalence of low-quality websites in search results [11].
- The study reveals that search agents are not as robust as expected, with a significant percentage of unsafe outputs generated when exposed to unreliable search results [12][26].
Group 2: SafeSearch Framework
- The SafeSearch framework is introduced as a method for automated red-teaming to assess the safety of LLM-based search agents, focusing on five types of risks including harmful outputs and misinformation [14][21].
- The framework employs a multi-stage testing process to generate high-quality test cases, ensuring comprehensive coverage of potential risks [16][19].
- SafeSearch aims to enhance transparency in the development of search agents by providing a quantifiable and scalable safety assessment tool [37].
Group 3: Evaluation and Results
- The evaluation of various search agent architectures revealed that the impact of unreliable search results varies significantly, with the GPT-4.1-mini model showing a 90.5% susceptibility in a search workflow scenario [26][36].
- Different LLMs exhibit varying levels of resilience against risks, with GPT-5 and GPT-5-mini demonstrating superior robustness compared to others [26][27].
- The study concludes that effective filtering methods can significantly reduce the attack success rate (ASR), although they cannot eliminate risks entirely [36][37].
Group 4: Implications and Future Directions
- The findings underscore the importance of systematic evaluation in ensuring the safety of search agents, as they are easily influenced by low-quality web content [37].
- The article suggests that the design of search agent architectures can significantly affect their security, advocating for a balance between performance and safety in future developments [36][37].
- The research team hopes that SafeSearch will become a standardized tool for assessing the safety of search agents, facilitating their evolution in both performance and security [37].
Recursive language models arrive! Viral new work from MIT Chinese researchers makes extending model context cheap and simple
机器之心· 2025-10-16 07:34
Core Insights
- The article discusses the limitations of current mainstream large language models (LLMs) regarding context length and performance degradation, known as "context rot" [2][26].
- Researchers from MIT propose a new approach called Recursive Language Models (RLMs) to address these issues by breaking down long contexts into manageable parts and processing them recursively [4][6].
Group 1: RLM Concept and Implementation
- RLMs treat input context as a variable, allowing the main model to decompose and interact recursively with the context [8][14].
- In practical implementation, RLMs utilize a Python REPL environment to store user prompts in variables and process them iteratively, leading to significant performance improvements [5][17].
- The RLM framework enables the root language model to manage context more flexibly, avoiding the pitfalls of traditional models that read the entire context at once [23][16].
Group 2: Performance Results
- In tests on the OOLONG benchmark, RLM using GPT-5-mini achieved over 114% improvement in correct answers compared to GPT-5, with lower average costs per query [28][30].
- RLM demonstrated no performance degradation even when processing contexts exceeding 10 million tokens, outperforming traditional methods like ReAct + retrieval [34][35].
- The RLM framework allows for a more efficient handling of large contexts, maintaining performance without additional fine-tuning or structural changes [35][39].
Group 3: Future Implications
- The researchers believe RLMs could become a powerful paradigm for reasoning and context management in LLMs, potentially revolutionizing how models handle extensive data [6][7].
- As LLM capabilities improve, RLMs are expected to scale effectively, potentially managing even larger contexts in the future [37][40].
- The approach emphasizes that language models should autonomously determine how to decompose and process tasks, contrasting with traditional agent-based methods [40][41].
ICCV 2025 | Zhejiang University, CUHK and others propose EgoAgent: an integrated first-person perception-action-prediction agent
机器之心· 2025-10-16 04:51
Core Insights
- The article discusses the development of EgoAgent, a first-person joint predictive agent model that learns visual representation, human action, and world state prediction simultaneously, inspired by human cognitive learning mechanisms [2][5][21]
- EgoAgent breaks the traditional separation of perception, control, and prediction in AI, allowing for a more integrated learning approach [6][21]
Group 1: Model Overview
- EgoAgent is designed to simulate the continuous interaction between the human brain, body, and environment, enabling AI to learn through experience rather than just observation [5][6]
- The model employs a core architecture called JEAP (Joint Embedding-Action-Prediction) that allows for joint learning of the three tasks within a unified Transformer framework [6][8]
Group 2: Technical Mechanisms
- EgoAgent utilizes an interleaved "state-action" joint prediction approach, encoding first-person video frames and 3D human actions into a unified sequence [8][10]
- The model features a collaborative mechanism between a Predictor and an Observer, enhancing its self-supervised learning capabilities over time [8][10]
Group 3: Performance and Results
- EgoAgent demonstrates superior performance in key tasks, significantly outperforming existing models in first-person world state prediction, 3D human motion prediction, and visual representation [12][13][15]
- For instance, EgoAgent with 300 million parameters improved Top-1 accuracy by 12.86% and mAP by 13.05% compared to the latest first-person visual representation model [13]
Group 4: Future Applications
- The model has broad application prospects, particularly in robotics and AR/VR, enhancing scene perception and interaction capabilities in complex environments [21]
Beating NVIDIA with just three to five samples: China's first ultra-few-shot embodied model debuts and wins a top-conference championship
机器之心· 2025-10-16 04:51
机器之心 release, 机器之心 editorial team. China's first few-shot general embodied manipulation foundation model has been released, bridging the gap between vision-language models and robot manipulation. Is embodied intelligence finally about to break through its "data shackles"? Compared with natural language and vision, data for embodied intelligence is inherently scarce. Real-world robot manipulation usually involves complex physical interaction, real-time feedback and environmental change, so data collection is not only costly and inefficient but also hard to scale. As a result, datasets with hundreds of thousands or millions of physical interactions are rare. In addition, although current vision-language-action (VLA) models already have strong semantic understanding, at the level of actual manipulation they still rely on large-scale annotated data to compensate for weak generalization. Enabling embodied robots to learn quickly, execute accurately and transfer flexibly from very few samples has become the key factor deciding whether they can truly leave the lab and enter industrial production and human-robot collaboration. Main experimental results: Recently, FiveAges (中科第五纪), a Chinese general embodied-intelligence startup, officially released its new-generation embodied manipulation foundation model FiveAges Manipulator-1 (FAM-1), whose core architecture derives from the team's NeurIPS 2025 paper "BridgeVLA: Bridging the Gap between Large Vision-Language Model and 3D Robot ...
"King of cost-effectiveness" Claude Haiku 4.5 is here: faster, at one third the cost of Sonnet 4
机器之心· 2025-10-16 04:51
Core Viewpoint
- Anthropic has launched a new lightweight model, Claude Haiku 4.5, which emphasizes being "cheaper and faster" while maintaining competitive performance with its predecessor, Claude Sonnet 4 [2][4].
Model Performance and Cost Efficiency
- Claude Haiku 4.5 offers coding performance comparable to Claude Sonnet 4 but at a significantly lower cost: $1 per million input tokens and $5 per million output tokens, which is one-third of the cost of Claude Sonnet 4 [2][4].
- The inference speed of Claude Haiku 4.5 has more than doubled compared to Claude Sonnet 4 [2][4].
- In specific benchmarks, Claude Haiku 4.5 outperformed Claude Sonnet 4, achieving 50.7% on OSWorld and 96.3% on AIME 2025, compared to Sonnet 4's 42.2% and 70.5%, respectively [4][6].
User Experience and Feedback
- Early users, such as Guy Gur-Ari from Augment Code, reported that Claude Haiku 4.5 achieved 90% of the performance of Sonnet 4.5, showcasing impressive speed and cost-effectiveness [7].
- Jeff Wang, CEO of Windsurf, noted that Haiku 4.5 blurs the traditional trade-off between quality, speed, and cost, representing a new direction for model development [10].
Safety and Consistency
- Claude Haiku 4.5 has undergone extensive safety and consistency evaluations, showing a lower incidence of concerning behaviors compared to its predecessor, Claude Haiku 3.5, and improved consistency over Claude Sonnet 4.5 [14][15].
- It is considered Anthropic's "safest model to date" based on these assessments [15].
Market Position and Future Outlook
- Anthropic has been active in the market, releasing three major AI models within two months, indicating a competitive strategy [16].
- The company aims for an annual revenue target of $9 billion by the end of the year, with more aggressive goals set for the following year, potentially reaching $20 billion to $26 billion [18].