Indirect Injection and Multi-Modal Attacks: Poisoning the Pipeline

Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves ...
CSOonline

Researchers warn of mass ‘meshing injection’ attack

Wayne Huang and the research team at Armorize have discovered a mass SQL injection coupled with a drive-by download, which they describe as a “mass meshing injection” attack. In a phone call this ...
Hosted on MSN

Hackers can use prompt injection attacks to hijack your AI chats — here's how to avoid this serious security flaw

While more and more people are using AI for a variety of purposes, threat actors have already found security flaws that can turn your helpful assistant into their partner in crime without you even ...
Dark Reading

LLMs Open to Manipulation Using Doctored Images, Audio

Attackers could soon begin using malicious instructions hidden in strategically placed images and audio clips online to manipulate responses to user prompts from large language models (LLMs) behind AI ...
Dark Reading

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem

As troubling as deepfakes and large language model (LLM)-powered phishing are to the state of cybersecurity today, the truth is that the buzz around these risks may be overshadowing some of the bigger ...
Ars Technica

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from ...
Security

Cybersecurity Awareness Month: How to mitigate an SQL Injection Attack

In response to this, the application security SaaS company Indusface has detailed the potential financial impact of SQL Injection attacks on businesses. Additionally, they offer best practices to help ...