injection attacks – Page 5 – Experimental News Clipping Site

Simon Willison’s Weblog: Design Patterns for Securing LLM Agents against Prompt Injections

Jun 13, 2025

—

by

Source URL: https://simonwillison.net/2025/Jun/13/prompt-injection-design-patterns/#atom-everything Source: Simon Willison’s Weblog Title: Design Patterns for Securing LLM Agents against Prompt Injections Feedly Summary: This a new paper by 11 authors from organizations including IBM, Invariant Labs, ETH Zurich, Google and Microsoft is an excellent addition to the literature on prompt injection and LLM security. In this work, we describe…

Simon Willison’s Weblog: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot

Jun 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jun/11/echoleak/ Source: Simon Willison’s Weblog Title: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Feedly Summary: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is…

Simon Willison’s Weblog: Codex agent internet access

Jun 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jun/3/codex-agent-internet-access/ Source: Simon Willison’s Weblog Title: Codex agent internet access Feedly Summary: Codex agent internet access Sam Altman, just now: codex gets access to the internet today! it is off by default and there are complex tradeoffs; people should read about the risks carefully and use when it makes sense. This is the…

Simon Willison’s Weblog: System Card: Claude Opus 4 & Claude Sonnet 4

May 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/25/claude-4-system-card/#atom-everything Source: Simon Willison’s Weblog Title: System Card: Claude Opus 4 & Claude Sonnet 4 Feedly Summary: System Card: Claude Opus 4 & Claude Sonnet 4 Direct link to a PDF on Anthropic’s CDN because they don’t appear to have a landing page anywhere for this document. Anthropic’s system cards are always worth…

Cloud Blog: Gemini 2.5 Flash and Pro expand on Vertex AI to drive more sophisticated and secure AI innovation

May 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/ai-machine-learning/expanding-gemini-2-5-flash-and-pro-capabilities/ Source: Cloud Blog Title: Gemini 2.5 Flash and Pro expand on Vertex AI to drive more sophisticated and secure AI innovation Feedly Summary: Today at Google I/O, we’re expanding Gemini 2.5 Flash and Pro model capabilities that help enterprises build more sophisticated and secure AI-driven applications and agents: Thought summaries: For enterprise-grade…

Simon Willison’s Weblog: Building software on top of Large Language Models

May 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/15/building-on-llms/#atom-everything Source: Simon Willison’s Weblog Title: Building software on top of Large Language Models Feedly Summary: I presented a three hour workshop at PyCon US yesterday titled Building software on top of Large Language Models. The goal of the workshop was to give participants everything they needed to get started writing code that…

Bulletins: Vulnerability Summary for the Week of May 5, 2025

May 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-132 Source: Bulletins Title: Vulnerability Summary for the Week of May 5, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1clickmigration–1 Click WordPress Migration Plugin 100% FREE for a limited time The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress…

Cloud Blog: Palo Alto Networks’ journey to productionizing gen AI

May 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/partners/how-palo-alto-networks-builds-gen-ai-solutions/ Source: Cloud Blog Title: Palo Alto Networks’ journey to productionizing gen AI Feedly Summary: At Google Cloud, we empower businesses to accelerate their generative AI innovation cycle by providing a path from prototype to production. Palo Alto Networks, a global cybersecurity leader, partnered with Google Cloud to develop an innovative security posture…

Simon Willison’s Weblog: A comparison of ChatGPT/GPT-4o’s previous and current system prompts

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/29/chatgpt-sycophancy-prompt/ Source: Simon Willison’s Weblog Title: A comparison of ChatGPT/GPT-4o’s previous and current system prompts Feedly Summary: A comparison of ChatGPT/GPT-4o’s previous and current system prompts GPT-4o’s recent update caused it to be way too sycophantic and disingenuously praise anything the user said. OpenAI’s Aidan McLaughlin: last night we rolled out our first…

Schneier on Security: Applying Security Engineering to Prompt Injection Security

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/04/applying-security-engineering-to-prompt-injection-security.html Source: Schneier on Security Title: Applying Security Engineering to Prompt Injection Security Feedly Summary: This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police…

Tag: injection attacks