The Enterprise AI Brief | Issue 5
Inside This Issue
The Threat Room
BitBypass: Binary Word Substitution Defeats Multiple Guard Systems
BitBypass hides one sensitive word as a hyphen-separated bitstream, then uses system-prompt instructions to make the model decode and reinsert it. In testing across five frontier models, this approach substantially reduced refusal rates and bypassed multiple guard layers. All five tested models produced phishing content at rates between 68-92%. If your safety controls assume plain-language detection will catch malicious intent, this research deserves close attention.
→ Read the full articleThe Operations Room
When Prompts Started Breaking Production
By early 2026, prompts were breaking production often enough that teams stopped treating them as configuration and started treating them like code: versioned, regression-tested, blocked in CI/CD when quality metrics slip. This is what happened when informal text became the functional interface defining system behavior, and why the teams that got ahead of it caught failures before their users did.
→ Read the full articleThe Engineering Room
Structured Outputs Are Becoming the Default Contract for LLM Integrations
For two years, "return JSON" was a polite request followed by parsing code and retries when the model ignored you. Structured outputs move schema enforcement into the decoding layer, and the ecosystem is converging on this as the default contract. If your automations break when a field is missing, this shift changes what reliability means and where validation effort needs to sit.
→ Read the full article