2025年3月，国家网络安全通报中心紧急通报开源大模型工具Ollama存在严重漏洞，存在数据泄露、算力盗取、服务中断等安全风险，极易引发网络和数 据安全事件；2025年6月，英国高等法院发现数十份法律文书中含ChatGPT生成的虚构判例，其中一起高额索赔案件中，多项判例引用均为伪造…… 当大模型以"基础设施"姿态渗透到各种关键领域，其自身存在的数据安全、算法鲁棒性、输出可信度等"内生风险"已从理论隐患变为现实威胁，甚至关乎 公共利益与社会秩序。 在今年世界互联网大会乌镇峰会期间，360安全发布《大模型安全白皮书》，提到当前大模型安全漏洞呈指数级增长，2025年国内首次AI大模型实网众测 发现281个安全漏洞，其中大模型特有漏洞占比超60%。 无论是企业面对漏洞时的被动修复，还是行业缺乏覆盖全链路的风险管控工具，都让大模型安全防护陷入"事后补救"的困境。近日，安远AI发布前沿AI风 险监测平台，这是专注于评估与监测前沿AI模型灾难性风险的第三方平台，通过基准测试和数据分析，对全球15家领先模型公司的前沿大模型的滥用和 失控风险进行针对性评估和定期监测，动态掌握AI模型风险现状及其变化趋势，为破解大模型"带病运行 ...

Core Insights - The white paper systematically outlines five key risks threatening the security of large models, including infrastructure security risks, content security risks, data and knowledge base security risks, agent security risks, and user-end security risks [1][3] - The proposed dual governance strategy combines "external security" and "platform-native security" to create a comprehensive protection network for AI applications [1][3] Group 1: Key Risks - The first category of risks is infrastructure security risks, which include device control, supply chain vulnerabilities, denial-of-service attacks, and misuse of computing resources [1] - The second category is content security risks, involving non-compliance with core values, false or illegal content, model hallucinations, and prompt injection attacks [1] - The third category focuses on data and knowledge base security risks, highlighting issues such as data breaches, unauthorized access, privacy abuse, and intellectual property concerns [1] - The fourth category addresses agent security risks, where the increasing autonomy of agents blurs the security boundaries in areas like plugin invocation, computing resource scheduling, and data flow [1] - The fifth category is user-end security risks, which encompass permission control, API call monitoring, execution of malicious scripts, and security during MCP execution [1] Group 2: Security Solutions - The white paper emphasizes a dual governance strategy: "external security" acts as a flexible response to real-time risks, while "platform-native security" builds a robust security foundation from the ground up [1] - 360's products, including enterprise-level knowledge bases and agent construction platforms, are designed to embed security deeply within the platform, ensuring compliance with national and industry standards [2] - The three main platform products work together to address inherent security challenges, such as data leakage, uncontrolled agent behavior, and terminal misuse, thereby establishing a stable foundation for AI applications [2] - 360 has implemented these capabilities across various sectors, including government, finance, and manufacturing, transforming theoretical security into practical solutions [2] - The company aims to collaborate with academia and industry to promote security standards and technology sharing, contributing to a safer and more trustworthy AI ecosystem [2]

Core Insights - The 360 Digital Security Group released the "Large Model Security White Paper" at the World Internet Conference, outlining five key risks associated with large model operations and proposing a dual-track governance strategy for security [1][2] Group 1: Key Risks Identified - The white paper identifies five critical risks threatening large model security: 1. Infrastructure security risks, including device control, supply chain vulnerabilities, denial-of-service attacks, and misuse of computing resources 2. Content security risks, involving non-compliance with core values, false or illegal content, large model hallucinations, and prompt injection attacks 3. Data and knowledge base security risks, highlighting issues like data leakage, unauthorized access, privacy abuse, and intellectual property concerns 4. Intelligent agent security risks, where the boundaries of security become blurred due to increased autonomy in agent operations 5. User-end security risks, which encompass permission control, API call monitoring, execution of malicious scripts, and security in MCP execution [1] Group 2: Proposed Security Solutions - The white paper advocates a "plug-in security + platform-native security" dual governance strategy, which offers two main advantages: 1. High adaptability and low deployment costs, allowing for quick integration into various enterprise environments without redundant development 2. Rapid response capabilities with independent monitoring and interception mechanisms that can identify and block real-time threats, such as abnormal computing consumption or malicious content, in milliseconds [2] Group 3: Implementation and Future Plans - 360 has successfully implemented these security capabilities across various sectors, including government, finance, and manufacturing, transforming large model security from theoretical concepts into practical, actionable solutions - The company plans to collaborate with academia and industry to promote the establishment of security standards and technology sharing, aiming to build a safe and trustworthy AI ecosystem [2]

Group 1 - The core issue of AI-generated content, particularly the risks associated with AI face-swapping technology, has gained significant attention following an incident involving actor Wen Zhengrong [1] - Hu Zhenquan, president of 360 Digital Security Group, highlighted the challenges in identifying AI-generated content due to its realism, indicating a need for improved detection technologies [1][3] - The 2025 World Internet Conference in Wuzhen served as a platform for the release of the "Large Model Security White Paper," which outlines the security vulnerabilities associated with AI large models [3][4] Group 2 - The white paper identified 281 security vulnerabilities, with 177 being unique to large models, representing over 60% of the total [3] - Five key risk categories threatening large model security were outlined, including infrastructure security risks, content security risks, data and knowledge base security risks, user-end security risks, and the complexities arising from the interconnection of these risks [4] - The proposed dual governance strategy includes "external security" focusing on model protection and "native platform security" embedding security capabilities within core components [4] Group 3 - Despite the controversies surrounding AI intelligent agents, Hu Zhenquan expressed optimism about their future, likening their current stage to the early days of personal computers [5] - He emphasized that intelligent agents, as essential carriers for large model applications, are expected to evolve and become mainstream in AI applications [5] - The development of intelligent agents is anticipated to lead to significant advancements in efficiency and capability in the near future [5]

Core Viewpoint - The 360 Digital Security Group released the "Large Model Security White Paper" at the World Internet Conference, outlining five key risks associated with large model operations and proposing a dual-track governance strategy for security [1][2]. Summary by Sections Key Risks Identified - The white paper identifies five critical risks threatening large model security: 1. Infrastructure security risks, including device control, supply chain vulnerabilities, denial-of-service attacks, and misuse of computing resources 2. Content security risks, involving non-compliance with core values, false or illegal content, model hallucinations, and prompt injection attacks 3. Data and knowledge base security risks, highlighting data breaches, unauthorized access, privacy abuse, and intellectual property issues 4. Agent security risks, where the increasing autonomy of agents blurs security boundaries in areas like plugin calls, computing resource scheduling, and data flow 5. User-end security risks, covering permission control, API call monitoring, malicious script execution, and MCP execution security [1][2]. Governance Strategy - The white paper proposes a dual-track governance strategy of "external security + platform-native security": - External security acts as an "external bodyguard" to flexibly respond to real-time risks, while platform-native security serves as an "internal armor" to strengthen the foundational security [2][3]. - External security focuses on monitoring and defending against risks related to computing hosts, software ecosystems, input/output content, and model hallucinations [2]. - Platform-native security embeds security capabilities into core components, enhancing the safety of supporting components and ensuring compliance throughout the process [3][4]. Product Capabilities - The company has developed a comprehensive solution for large model security, consisting of seven core product capabilities that combine external and platform-native security: - External security capabilities do not intrude on the original architecture of large models and provide flexible, rapid dynamic protection through external tools [3]. - Key products include the Large Model Guardian computing host security system, detection system, protection system, and hallucination detection and mitigation system, which together form an external barrier against infrastructure and content risks [3][4]. Implementation and Future Plans - The platform-native security approach is reflected in three major products: an enterprise-level knowledge base, an agent construction and operation platform, and an agent client, which collectively address internal security challenges [4]. - The company has successfully implemented these capabilities across various sectors, including government, finance, and manufacturing, transforming large model security from theory into practical solutions [4][5]. - Future plans involve collaboration with academia and industry to promote security standards and technology sharing, aiming to build a safe and trustworthy AI ecosystem [5].

Core Insights - The 360 Digital Security Group released the "Large Model Security White Paper" at the World Internet Conference, outlining five key risks associated with large model operations and proposing a dual-track security strategy to enhance AI safety and reliability [1][4][12] Risk Summary - The white paper identifies five critical risks to large model security: 1. Infrastructure security risks, including device control, supply chain vulnerabilities, denial-of-service attacks, and misuse of computing resources [5] 2. Content security risks, which involve non-compliance with core values, false or illegal content, model hallucinations, and prompt injection attacks [5] 3. Data and knowledge base security risks, highlighting issues like data leakage, unauthorized access, privacy abuse, and intellectual property concerns [5] 4. Intelligent agent security risks, where the increasing autonomy of agents blurs security boundaries in areas like plugin invocation and data flow [5] 5. User-end security risks, including permission control, API call monitoring, malicious script execution, and security in multi-cloud platforms [5] Security Strategy - The white paper proposes a dual-track governance strategy of "External Security + Platform Native Security" to address the identified risks: - External security acts as an "external bodyguard" for real-time risk management, while platform native security serves as an "internal armor" to strengthen foundational safety [7][10] Implementation of Security Measures - The external security approach focuses on proactive monitoring and defense against threats to computing hosts, software ecosystems, input/output content, and model hallucinations, offering adaptability and rapid response capabilities [9] - The platform native security embeds safety features into core components, ensuring compliance with national and industry standards while providing comprehensive protection for intelligent applications [9][10] Comprehensive Defense Capabilities - The company has developed a comprehensive solution comprising seven core product capabilities that integrate external and platform native security, addressing risks from infrastructure to content layers [10] - The external security products include systems for computing host security, detection, protection, and hallucination detection, while platform native products safeguard data, control intelligent agent behavior, and secure user endpoints [10][12] Industry Application - The security capabilities have been successfully implemented across various sectors, including government, finance, and manufacturing, transforming theoretical security measures into practical solutions [12]

Core Insights - Q3 2025 report shows significant improvement in key financial metrics for Qimingxingchen, with revenue reaching 1.548 billion yuan and gross margin increasing by 7 percentage points year-on-year [1] - The company has achieved positive operating cash flow for two consecutive quarters, indicating a solid operational foundation [1] Financial Performance - Revenue for the first three quarters of 2025 was 1.548 billion yuan, with a gross margin increase of 7 percentage points year-on-year and a nearly 16 percentage point increase in Q3 alone [1] - Operating expenses were reduced by 161 million yuan compared to the same period last year, demonstrating effective cost management [1] - Net cash flow from operating activities increased by 443 million yuan year-on-year, a growth of 75%, maintaining positive inflow for two consecutive quarters [2] Cash and Debt Management - The company has cash reserves exceeding 4.2 billion yuan and no interest-bearing debt, positioning it strongly within the industry [2] - This financial strength supports increased investment in technology and market opportunities, as well as talent retention [2] Strategic Partnerships and Market Position - Collaboration with China Mobile has accelerated technology transfer and market expansion, leading to successful bids for key products like large model security products and the "Data Oasis" product line [2] - The company has secured a major contract for a national medical big data center, enhancing its market position in data security [3] Technological Advancements - Qimingxingchen is proactively engaging in quantum computing and other cutting-edge technology areas, integrating quantum key distribution into its VPN products to enhance security capabilities [3] - The company’s large model application firewall (MAF) has been recognized as a leading technology in AI application security, winning exclusive contracts with major internet firms [2][3]

Core Insights - Tencent Security showcased its advancements in AI security, cybersecurity, and domestic integration innovation at the 2025 National Cybersecurity Awareness Week in Kunming, Yunnan, emphasizing its commitment to building a "digital shield" for various industries [1][3]. AI Security - The rise of AI, particularly large models, presents new security challenges that traditional defense systems struggle to address, necessitating the construction of a robust defense line for the AI era [3]. - Tencent provides a comprehensive solution covering the entire lifecycle of large models, integrating years of practical experience into a structured risk governance framework [3][5]. Large Model Security - Tencent introduced the AI-SPM large model security posture management product to protect the operational environment of large models, enabling timely detection and handling of security risks [5]. - The LLM-WAF large model firewall was launched to offer full-link protection against various threats, including computational abuse and data leakage [5]. Data and Content Security - Tencent employs multiple technologies for end-to-end protection of data security and privacy throughout the lifecycle of large models, including data classification, encryption, and auditing [8]. - The Tencent Cloud Tianyu content risk control platform supports large model training and inference through a six-dimensional approach, ensuring effective content management [8]. Cloud Security - Tencent Cloud maintains over 1.5 million servers globally and has developed a "1+4+N" security defense system to address common and industry-specific security challenges faced by enterprises [10][12]. - The "1+4+N" defense system includes exposure management, data security, host security, web application firewalls, and cloud firewalls, providing a comprehensive security framework for cloud operations [12][14]. Cloud-Native Security - Tencent Cloud has established a cloud-native security system that adheres to principles such as security capability native integration and zero-trust architecture, ensuring the security of containerized applications throughout their lifecycle [15][17]. - The system includes capabilities for image security, runtime intrusion detection, and network security, addressing the unique risks associated with cloud-native architectures [15][17]. Mini Program Security - Tencent Cloud has launched an innovative security solution for mini programs, providing essential protections such as DDoS defense and web application security, ensuring a seamless user experience for retail businesses [18].

Core Viewpoint - The research by Anthropic reveals that a small number of malicious documents (250) can effectively implant "backdoor" vulnerabilities in large language models (LLMs), regardless of their size, indicating that data poisoning attacks may be simpler than previously thought [2][4][19]. Group 1: Research Findings - Anthropic, in collaboration with AISI and the Turing Institute, demonstrated that a limited number of malicious documents can create vulnerabilities in various sizes of LLMs [4]. - The study found that the number of malicious documents required to implant a backdoor does not need to scale with the model size; 250 documents are sufficient for models ranging from 600M to 13B parameters [6][14]. - The experiment showed that even with a small percentage of malicious tokens (0.00016% of the training tokens for the 13B model), the model's perplexity increased significantly upon encountering a specific trigger phrase [12][14]. Group 2: Attack Methodology - The attack method chosen was a "denial of service" type backdoor, where the model outputs gibberish upon seeing a specific trigger phrase, while functioning normally otherwise [8]. - The malicious documents were created by inserting a predetermined trigger into normal training text, followed by random gibberish, allowing for easy generation of "poisoned" documents [9][17]. - Testing involved training models of different sizes (600M, 2B, 7B, 13B) with varying amounts of malicious documents (100, 250, 500) to assess the impact on model performance [10]. Group 3: Implications for AI Security - The findings suggest that the simplicity of data poisoning attacks in the AI era necessitates ongoing exploration of new defense strategies by model developers [19]. - The research highlights a shift in understanding regarding the requirements for effective data poisoning, emphasizing the absolute number of malicious documents over their proportion in the training dataset [14].

Core Viewpoint - The company is focusing on the strategic layout of "AI + Security" in its core business of cybersecurity, leveraging AI to enhance security capabilities and optimize security models [1] Group 1: AI Empowerment in Security - The company is training and optimizing security large models and building intelligent security agents using AI [1] - The foundation of the security large model is based on China Mobile's Jiutian large model, supported by its powerful computing resources [1] - The company is continuously upgrading the Taihe security large model with high-quality security datasets, significantly improving product capabilities and service efficiency [1] Group 2: AI Application Security - The company is rapidly launching a matrix of large model security products to address security risks associated with large model applications [1] - A systematic solution has been formed to tackle the security risks of AI applications [1] - The company has not participated in the "Liuyun" large model [1]