万万没想到:韩国大神35行Python代码意外揭开了Codex API的黑盒设计 ...

在文章中,李康旭展示了一个实验:通过仅 2 次 API 调用 + 35 行 Python 代码,成功推断出了OpenAI Codex CLI 的上下文压缩流程,并通过一次 prompt injection,诱导模型泄露了内部提示词结构。
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
TechSpot

New approach from DeepMind partitions LLMs to mitigate prompt injection

In context: Prompt injection is an inherent flaw in large language models, allowing attackers to hijack AI behavior by embedding malicious commands in the input text. Most defenses rely on internal ...
TechRepublic

UK’s NCSC Warns Against Cybersecurity Attacks on AI

Large language models used in artificial intelligence, such as ChatGPT or Google Bard, are prone to different cybersecurity attacks, in particular prompt injection and data poisoning. The U.K.’s ...
来自MSN

OpenAI's Atlas shrugs off inevitability of prompt injection, releases AI browser anyway

OpenAI's brand new Atlas browser is more than willing to follow commands maliciously embedded in a web page, an attack type known as indirect prompt injection.… Prompt injection vulnerability is a ...