The vulnerabilities in OpenAI’s ChatGPT arise from indirect prompt injections that enable attackers to manipulate the AI for data exfiltration without user interaction. Tenable researchers have detailed seven key vulnerabilities, highlighting how sophisticated these exploits have become, leveraging both browsing techniques and conversational prompts. Among them, a significant issue is the zero-click injection that triggers responses automatically when innocuous questions are asked, and the persistent memory manipulation, which allows vulnerabilities to perpetuate across sessions.
Additionally, several techniques such as url_safe bypasses and markdown rendering flaws are employed by attackers to hide malicious content from users while still affecting the model’s responses. Experts note that despite OpenAI’s attempts to address the issues through various Technical Research Advisories, prompt injection continues to pose challenges for LLMs. This situation underscores the necessity for heightened safeguards and rigorous testing, as the reliance on components like SearchGPT is not entirely secure. Overall, these findings serve as a critical reminder of the importance of scrutinizing AI dependencies.
👉 Pročitaj original: Cyber Security News
