Even with Lockdown Mode, ChatGPT could still be vulnerable to prompt injections, but the goal is to reduce the likelihood that sensitive data gets shared in the process.
A now-corrected issue allowed researchers to circumvent Apple's restrictions and force the on-device LLM to execute attacker-controlled actions. Here's how they did it. Interestingly, they ...
OpenAI's new ChatGPT Atlas web browser has a security flaw that lets attackers execute prompt injection attacks by disguising malicious instructions as URLs. The AI security firm NeuralTrust says the ...
Hidden prompts in Google Calendar events can trick Gemini AI into executing malicious commands via indirect prompt injection. A team of security researchers at SafeBreach has revealed a new ...
Researchers identified an attack method dubbed “Reprompt” that could allow attackers to infiltrate a user’s Microsoft Copilot session and issue commands to exfiltrate sensitive data. By hiding a ...
Forget the "Barbarians at the gate"; we may have bigger issues to deal with from the "Butlers serving us at our Banquets." While Business Email Compromise (BEC) and/or ransomware attacks have been ...
Chrome's WebMCP guidance warns that AI agents can be manipulated through the tools they are built to trust.