MIT researchers discovered that a single word change can fool AI text classifiers used in finance, healthcare, and content moderation. Their SP-Attack tool, leveraging large language models, reveals vulnerabilities where just 30 words can trigger half of all successful attacks on systems managing billions in transactions and critical decisions.

This isn't theoretical. The Dutch childcare algorithm scandal wrongfully accused 35,000 families, while IBM's Watson for Oncology gave unsafe recommendations. These failures highlight a fundamental fragility in machine learning systems, where adversarial examples exploit mathematical patterns rather than understanding meaning, making them vulnerable to simple manipulation.

MIT released both SP-Attack and SP-Defense tools as open-source software, forcing a reckoning on AI security. The vulnerability rate remains high—even advanced defenses fail 33% of the time. This transparency arms both defenders and attackers, challenging the industry to prioritize robustness alongside accuracy in critical deployment contexts.