all AI news
Hacking Google Bard - From Prompt Injection to Data Exfiltration
Simon Willison's Weblog simonwillison.net
Hacking Google Bard - From Prompt Injection to Data Exfiltration
Bard recently grew extension support, allowing it access to a user's personal documents. Here's the first reported prompt injection attack against that.
This kind of attack against LLM systems is inevitable any time you combine access to private data with exposure to untrusted inputs. In this case the attack vector is a Google Doc shared with the user, containing prompt injection instructions that instruct the model to encode previous data …
ai bard data documents extension google google bard hacking kind llm llms private data prompt prompt injection promptinjection security support systems