Recherche : [prompt-injection]

Data Exfiltration from Slack AI via indirect prompt injection https://promptarmor.substack.com/p/data-exfiltration-from-slack-ai-via

20/08/2024 21:40:04

This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. This was responsibly disclosed to Slack (more details in Responsible Disclosure section at the end).

Don’t you (forget NLP): Prompt injection with control characters in ChatGPT https://dropbox.tech/machine-learning/prompt-injection-with-control-characters-openai-chatgpt-llm

04/08/2023 09:47:15

Like many companies, Dropbox has been experimenting with large language models (LLMs) as a potential backend for product and research initiatives. As interest in leveraging LLMs has increased in recent months, the Dropbox Security team has been advising on measures to harden internal Dropbox infrastructure for secure usage in accordance with our AI principles. In particular, we’ve been working to mitigate abuse of potential LLM-powered products and features via user-controlled input.

Prompt Injections are bad, mkay? https://greshake.github.io/

23/03/2023 16:47:51

Large Language Models (LLM) have made amazing progress in recent years. Most recently, they have demonstrated to answer natural language questions at a surprising performance level. In addition, by clever prompting, these models can change their behavior. In this way, these models blur the line between data and instruction. From "traditional" cybersecurity, we know that this is a problem. The importance of security boundaries between trusted and untrusted inputs for LLMs was underestimated. We show that Prompt Injection is a serious security threat that needs to be addressed as models are deployed to new use-cases and interface with more systems.

[PDF DOC] https://arxiv.org/pdf/2302.12173.pdf

Liens par page

Filtres