9 / 1779

AI Models Overthink Problems—and It’s a Security Risk

TL;DR

Researchers from Zhejiang University and Alibaba show an overthinking attack against reasoning models: logically inconsistent prompts can push models into very long reasoning loops and oversized outputs. The tested systems included DeepSeek-R1, Qwen3-Thinking, OpenAI GPT-o3 and Google Gemini 2.5 Flash. On one math benchmark, outputs grew up to 26.1 times longer than responses to normal questions.

Nauti's Take

This is the kind of security problem that product demos hide well: the model looks smarter because it reasons longer, but that same behavior becomes an attack surface. The important part is that the study says the attack can work against closed commercial models without access to weights or internals.

The fix will not be a magic prompt; it will be hard budgets, better detection of impossible tasks and honest failure modes instead of endless reasoning spirals.

Briefingshow

Reasoning makes models more useful for coding, math and complex planning, but it also creates a new cost and availability weakness. Traditional prompt security often focuses on harmful content or data leakage; here, an unsolvable or inconsistent task can be enough to burn compute. Providers need controls that limit reasoning effort, not just filters that inspect final answers.

Sources