The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...
ZDNet

How OpenAI is defending ChatGPT Atlas from attacks now - and why safety's not guaranteed

OpenAI built an "automated attacker" to test Atlas' defenses. The qualities that make agents useful also make them vulnerable. AI security will be a game of cat and mouse for a long time. OpenAI is ...
winbuzzer.com

OpenAI Deploys Automated ‘Attacker’ to Harden Atlas Browser, Admits Prompt Injection Is ...

Facing sustained scrutiny over vulnerabilities in its ChatGPT Atlas browser, OpenAI presented a new automated security testing system on Monday. Yet the technical upgrade arrives with a sobering ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
IEEE

Using ChatGPT in Designing Web Applications Resistant to SQL Injection Attacks

Abstract: This paper investigates leveraging ChatGPT as a tool for testing web applications resilient to SQL injection attacks. Subsequently, the web application analysis is conducted using different ...
EurekAlert!

Vulnerability of large language models to prompt injection when providing medical advice

About The Study: In this quality improvement study using a controlled simulation, commercial large language models (LLM’s) demonstrated substantial vulnerability to prompt-injection attacks (i.e., ...
IEEE

Preventing SQL Injection Attacks with Machine Learning: A TF-IDF + XGBoost Approach

Abstract: SQL injection is still one of the most exploited threats as a result of the rapid rise of web-based threats. Therefore, this paper presents a security framework for SQL injection attack ...