>>Within three months of the rollout, Rehberger found that memories could be created and permanently stored through indirect prompt injection, an AI exploit that causes an #LLM to follow instructions from untrusted content such as emails, blog posts, or documents.
https://arstechnica.com/security/2024/09/false-memories-planted-in-chatgpt-give-hacker-persistent-exfiltration-channel/
#InfoSec #OpenAI #ChatGPT
Aljoscha Rittner (beandev) /
npub15y…mqyfc
2024-09-25 06:45:17
Author Public Key
npub15yyevvzcx6jwtu9he343mt5ssdrkmamnmj0pu3gx629cvy7phc5qrmqyfcSeen on
wss://relay.nostr.bandPublished at
2024-09-25 06:45:17Event JSON
{
"id": "314fc6669bc6bd9773331fdec7807fee571aa14b428ad41c845fff5ecd9201b4",
"pubkey": "a10996305836a4e5f0b7cc6b1dae9083476df773dc9e1e4506d28b8613c1be28",
"created_at": 1727246717,
"kind": 1,
"tags": [
[
"t",
"llm"
],
[
"t",
"infosec"
],
[
"t",
"openai"
],
[
"t",
"chatgpt"
],
[
"proxy",
"https://social.tchncs.de/users/beandev/statuses/113196840876458331",
"activitypub"
]
],
"content": "\u003e\u003eWithin three months of the rollout, Rehberger found that memories could be created and permanently stored through indirect prompt injection, an AI exploit that causes an #LLM to follow instructions from untrusted content such as emails, blog posts, or documents. \n\nhttps://arstechnica.com/security/2024/09/false-memories-planted-in-chatgpt-give-hacker-persistent-exfiltration-channel/\n\n#InfoSec #OpenAI #ChatGPT",
"sig": "6c84f9c130114e779e9120f74397113cad4ac4f85c7196f20c0f65d2e5ea7b065e51bac596a3f2f2718b403c22a9b60e67ff985de1dce0043f58fd7003891dc3"
}