Search AI Products and News

A critical vulnerability has been discovered in Anthropic's Claude Code tool, potentially leading to system crashes for affected users. Details regarding the vulnerability and remediation efforts are currently unavailable.

White hat hacker Johann Rehberger recently revealed a shocking security vulnerability, finding that ChatGPT can be exploited by hackers as spyware, continuously stealing user data. Rehberger named this attack method "SpAIware," primarily targeting the new persistent memory feature of the macOS version of the ChatGPT application. This vulnerability exploits the recently launched persistent memory feature of ChatGPT. Through carefully crafted prompt injections, hackers can manipulate ChatGPT...

Recently, security researcher Johann Rehberger discovered a vulnerability in ChatGPT that could allow hackers to implant false information and malicious instructions in users' long-term memory. Although he reported the issue to OpenAI, unfortunately, the company did not take it seriously and quickly closed the related investigation, claiming it was not a security concern. Faced with this situation, Rehberger decided to persevere and developed a proof-of-concept attack example exploiting this vulnerability.

Anthropic has announced an expansion of its vulnerability reward program aimed at testing a 'next-generation AI safety mitigation system,' primarily focusing on identifying and defending against 'universal jailbreak attacks.' Special attention is given to high-risk areas, including CBRN defense and cybersecurity. Participants will have the opportunity to engage with the new safety system ahead of time, identifying vulnerabilities or bypassing security measures, with rewards of up to $15,000. This initiative aims to enhance the safety of AI systems by attracting security researchers to collaboratively discover and fix potential threats, setting a benchmark for safety in the AI industry.

Deep learning-based software security detection systems act as the 'security inspectors' of the digital age, efficiently identifying software vulnerabilities. However, a study named EaTVul has unveiled new challenges in this field. EaTVul is an innovative evasion attack strategy that modifies vulnerable code, leading deep learning detection systems to misjudge, achieving success rates ranging from 83% to 100%. Its method includes using support vector machines to identify key samples, attention mechanisms to recognize critical features, AI chatbots to generate confusing data, and fuzzy logic.

Google is currently testing the automatic theft detection feature announced at the May I/O Developer Conference for Android 15. The feature is being tested for the first time in Brazil, where smartphone theft is a serious issue, and user feedback has been enthusiastic.

The GPT-4 API has revealed a security vulnerability, as the FARAI laboratory team successfully exploited this advanced model through fine-tuning, function calls, and enhanced search techniques. By fine-tuning with 15 harmful samples and 100 benign samples, researchers found that GPT-4 may lower its security defenses when generating content. Researchers were able to make the GPT-4 model generate misinformation, extract private information, and insert malicious URLs. Model fine-tuning can lead to significant bias, generate malicious code, and even access unpublished information. This vulnerability highlights the

Teams from Google DeepMind, the University of Washington, and others have successfully unveiled the sources of ChatGPT's training data through a 'poetry attack'. This attack method involves repeating specific vocabulary, which led ChatGPT to disclose personal information, including phone numbers and email addresses. The vulnerability was reported to OpenAI on August 30, and no further comments have been made. The research calls for environmentally-friendly AI usage, pointing out the significant energy burden that text and image generation imposes on the environment.

OpenAI's DALL-E 3, an image-generating AI technology, has been found to be easily influenced by jailbreak prompts, resulting in the generation of photos depicting children smoking. The jailbreak technique was discovered by LinkedIn user Peter Gostev, who shared how to successfully bypass the AI's restrictions to create images related to children smoking. Although the jailbreak prompts are quite complex, this incident serves as a reminder that even the wealthiest companies in Silicon Valley struggle to establish comprehensive protective measures for their AI systems.

Microsoft's latest initiative: the Bing AI vulnerability bounty program. Prizes range from $2,000 to $15,000, attracting security researchers worldwide. The scope of vulnerabilities includes prompt injection attacks, false chat messages, and more. Microsoft is actively promoting the expansion of Bing Chat, aiming to challenge Google in the search domain.

🔍 Model Parasitism Attacks: Researchers reveal that large language models have critical vulnerabilities that could lead to private information leakage and targeted attacks. 🔐 Cybersecurity Risks: Although large language models have tremendous potential, businesses should seriously consider the cybersecurity risks that may arise when adopting and deploying them. 🤖 Potential Threats: The research warns that security vulnerabilities may successfully transfer between closed-source and open-source machine learning models, necessitating caution.

Recent research reveals vulnerabilities in the Midjourney image generator that may lead to the spread of misinformation. Users can bypass regulations to create offensive political images, raising serious concerns. The study found that users could easily circumvent the rules to produce prohibited images. By using coding techniques, they can violate the terms of service to create unrestricted images. This finding has raised alarms about the security of AI image generators.