惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
DataBreaches.Net
S
Schneier on Security
T
The Exploit Database - CXSecurity.com
Webroot Blog
Webroot Blog
AI
AI
P
Palo Alto Networks Blog
Attack and Defense Labs
Attack and Defense Labs
WordPress大学
WordPress大学
月光博客
月光博客
阮一峰的网络日志
阮一峰的网络日志
Spread Privacy
Spread Privacy
T
Tor Project blog
罗磊的独立博客
小众软件
小众软件
S
Security Affairs
酷 壳 – CoolShell
酷 壳 – CoolShell
量子位
Apple Machine Learning Research
Apple Machine Learning Research
T
Threatpost
NISL@THU
NISL@THU
博客园_首页
PCI Perspectives
PCI Perspectives
大猫的无限游戏
大猫的无限游戏
IT之家
IT之家
N
News and Events Feed by Topic
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Forbes - Security
Forbes - Security
博客园 - 叶小钗
D
Darknet – Hacking Tools, Hacker News & Cyber Security
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Last Week in AI
Last Week in AI
L
LINUX DO - 热门话题
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
腾讯CDC
Security Latest
Security Latest
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Cloudflare Blog
A
About on SuperTechFans
爱范儿
爱范儿
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
TaoSecurity Blog
TaoSecurity Blog
宝玉的分享
宝玉的分享
G
GRAHAM CLULEY
雷峰网
雷峰网
F
Full Disclosure
I
Intezer
Cloudbric
Cloudbric
博客园 - 三生石上(FineUI控件)
U
Unit 42

The Mozilla Blog

Wrexham AFC and Firefox announce a multi-year, front-of-kit partnership | The Mozilla Blog Announcing Mozilla.org | The Mozilla Blog Keeping the web open and private in the bot era | The Mozilla Blog Firefox is easier than ever to customize | The Mozilla Blog What's new in Firefox this June, and what's next on the Firefox roadmap | The Mozilla Blog Browse more privately all summer with Firefox's free built-in VPN | The Mozilla Blog Make Firefox your World Cup sidekick this summer | The Mozilla Blog Mozilla and Adafruit bring Web Serial workflows to Firefox | The Mozilla Blog Designing Firefox for the future | The Mozilla Blog A free VPN you can trust, now built into Firefox | The Mozilla Blog New in Firefox 151: VPN location selection, AI controls on mobile, and expanded Shake to Summarize support | The Mozilla Blog AI controls are here for Firefox mobile | The Mozilla Blog Firefox’s Shake to Summarize expands to Android and new languages on iOS | The Mozilla Blog Welcoming Abigail Besdin, Mozilla’s new Chief Operating Officer | The Mozilla Blog What’s new in Firefox mobile: Less clutter, more control and a free built-in VPN | The Mozilla Blog The zero-days are numbered  | The Mozilla Blog Old habits die hard: Microsoft tries to limit our options, this time with AI | The Mozilla Blog Mozilla and Mila announce strategic research partnership to advance open source and sovereign AI capabilities  | The Mozilla Blog Try Tab Notes in Firefox to leave a note on any page | The Mozilla Blog
0DIN is open-sourcing AI security and the hard-earned knowledge behind it | The Mozilla Blog
0DIN Team · 2026-04-10 · via The Mozilla Blog
Retro-futuristic scientist using an open-source AI scanner to analyze floating vintage technology and digital data streams in space.
Image generated by Nano Banana 2 in response to a request for a “Retro-futuristic collage of a scientist using an open-source AI scanner to analyze floating vintage tech and digital data streams.”

We’re launching across the developer and security community this week on Product Hunt and Hacker News. If you’ve been following AI security, we’d love your support and your feedback. 

At Mozilla, open source has never been just a licensing choice. It’s a conviction: the internet gets healthier when tools and knowledge circulate freely, when anyone can audit what’s running, extend what exists, and build on what came before. That’s why we built Firefox in the open. It’s why we’ve kept building that way ever since.

0DIN, Mozilla’s AI security team, is working from the same premise. This week we’re releasing the 0DIN AI Security Scanner as open source software under the Apache 2.0 license, along with 179 community probes covering 35 vulnerability families, plus six specialty probes drawn exclusively from our bug bounty library.

The scanner, and the intelligence behind it

The 0DIN Scanner isn’t another benchmark suite built from textbook examples. We’re seeding it with probes drawn directly from our bug bounty program, where security researchers compete to find novel techniques to manipulate, extract data from, and subvert AI systems. As new vulnerabilities are discovered and disclosed through that program, we’ll continue adding probes to the open-source library over time.

That loop, from researcher discovery to packaged reusable test, is what separates 0DIN Scanner from generic tooling. It’s high impact intelligence on jailbreaks, updated frequently as our researchers find new techniques.

Built on NVIDIA’s GARAK open-source framework, the 0DIN Scanner adds a graphical interface, automated scan scheduling, cross-model comparative analysis, and enterprise-grade reporting. It runs against frontier models, open source LLMs, chatbots and anything with a prompt interface. Security teams can see attack success rates, a vulnerability breakdown, and a comparison against the frontier models that attackers are also probing every day.

Six of those bug bounty probes are named here for the first time: Placeholder Injection, Incremental Table Completion, Technical Field Guide, Chemical Compiler Debug, Correction, and Hex Recipe Book. Each represents a real technique that worked against production AI systems before we closed the loop.

These probes are scored using JEF (Jailbreak Evaluation Framework), our open-source library for measuring prohibited content output, which is also seeing major updates this week.

The code is at github.com/0din-ai/ai-scanner. Fork it, extend it, build on it.

Knowing your risk before attackers do

Not every organization has a red team or the bandwidth to run adversarial testing. Many companies are deploying AI in production right now without a clear picture of where they’re exposed. To help close that gap, we’re offering free security assessments for enterprise AI deployments.

The assessment delivers an attack success rate against your systems, a breakdown across prompt injection, jailbreaks, and data extraction categories, and a benchmark comparison against major frontier models. The process takes a few minutes to setup with scan duration varying based on the number of probes chosen. If you’re actively deploying AI and haven’t tested it under adversarial conditions, this is a good place to start.

For teams that don’t want to manage the open source scanner on their own, we also offer a managed Enterprise edition with access to nearly 500 pre-disclosure probes from the bug bounty program, giving organizations advance notice of emerging techniques before they’re publicly known.

Why open source, and why now

AI is moving fast enough that no single team will solve this alone. There are too many threats, too many models, too much attack surface. Keeping our tools locked away would make 0DIN marginally stronger while leaving the broader internet weaker.

The researchers who submitted findings through our bug bounty program earned bounties for their work. We’re releasing a meaningful portion of that intelligence as open source and we’ll keep doing so as new vulnerabilities are discovered and disclosed. That’s the deal Mozilla has always offered: we build in the open, the community helps make it better, and the web gets a little healthier for it.

Get involved