SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
InfoQ

DeepMind Researchers Propose Defense against LLM Prompt Injection

To prevent prompt injection attacks when working with untrusted sources, Google DeepMind researchers have proposed CaMeL, a defense layer around LLMs that blocks malicious inputs by extracting the ...

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...
Dark Reading

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem

As troubling as deepfakes and large language model (LLM)-powered phishing are to the state of cybersecurity today, the truth is that the buzz around these risks may be overshadowing some of the bigger ...
Computer Weekly

NCSC warns of confusion over true nature of AI prompt injection

The UK’s National Cyber Security Centre (NCSC) has highlighted a potentially dangerous misunderstanding surrounding emergent prompt injection attacks against generative artificial intelligence (GenAI) ...
ZDNet

Use an AI browser? 5 ways to protect yourself from prompt injections - before it's too late

Agentic AI browsers have opened the door to prompt injection attacks. Prompt injection can steal data or push you to malicious websites. Developers are working on fixes, but you can take steps to stay ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
eWeek

The Prompt Engineering Cheat Sheet: How to Write Better AI Prompts

Learn prompt engineering with this practical cheat sheet covering frameworks, techniques, and tips to get more accurate and ...
ZDNet

How OpenAI is defending ChatGPT Atlas from attacks now - and why safety's not guaranteed

OpenAI built an "automated attacker" to test Atlas' defenses. The qualities that make agents useful also make them vulnerable. AI security will be a game of cat and mouse for a long time. OpenAI is ...
Computerworld

Gemini for Chrome gets a second AI agent to watch over it

Google is deploying a second AI model to monitor its Gemini-powered Chrome browsing agent after acknowledging the agent could be tricked into taking unauthorized actions through prompt injection ...
BGR

Security Researchers Just Hacked ChatGPT Using A Single 'Poisoned' Document

New findings from a group of researchers at the Black Hat hacker conference in Las Vegas has revealed that it only takes one "poisoned" document to gain access to private data using ChatGPT that has ...