injection – Page 14 – Experimental News Clipping Site

Simon Willison’s Weblog: A comparison of ChatGPT/GPT-4o’s previous and current system prompts

Apr 29, 2025

—

by

Source URL: https://simonwillison.net/2025/Apr/29/chatgpt-sycophancy-prompt/ Source: Simon Willison’s Weblog Title: A comparison of ChatGPT/GPT-4o’s previous and current system prompts Feedly Summary: A comparison of ChatGPT/GPT-4o’s previous and current system prompts GPT-4o’s recent update caused it to be way too sycophantic and disingenuously praise anything the user said. OpenAI’s Aidan McLaughlin: last night we rolled out our first…

Schneier on Security: Applying Security Engineering to Prompt Injection Security

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/04/applying-security-engineering-to-prompt-injection-security.html Source: Schneier on Security Title: Applying Security Engineering to Prompt Injection Security Feedly Summary: This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police…

Cloud Blog: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends/ Source: Cloud Blog Title: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis Feedly Summary: Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number we identified in 2023…

Simon Willison’s Weblog: A comparison of ChatGPT/GPT-4o’s previous and current system prompts

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/29/a-comparison-of-chatgptgpt-4os-previous-and-current-system-promp/#atom-everything Source: Simon Willison’s Weblog Title: A comparison of ChatGPT/GPT-4o’s previous and current system prompts Feedly Summary: A comparison of ChatGPT/GPT-4o’s previous and current system prompts GPT-4o’s recent update caused it to be way too sycophantic and disingenuously praise anything the user said. OpenAI’s Aidan McLaughlin: last night we rolled out our first…

Bulletins: Vulnerability Summary for the Week of April 21, 2025

Apr 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-118 Source: Bulletins Title: Vulnerability Summary for the Week of April 21, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info AdeptLanguage–Adept Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is…

The Register: Ripple NPM supply chain attack hunts for private keys

Apr 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/23/ripple_npm_supply_chain/ Source: The Register Title: Ripple NPM supply chain attack hunts for private keys Feedly Summary: A mystery thief and a critical CVE involved in crypto cash grab Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency.… AI Summary and Description: Yes Summary: The…

Microsoft Security Blog: Understanding the threat landscape for Kubernetes and containerized assets

Apr 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/23/understanding-the-threat-landscape-for-kubernetes-and-containerized-assets/ Source: Microsoft Security Blog Title: Understanding the threat landscape for Kubernetes and containerized assets Feedly Summary: The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has…

Microsoft Security Blog: Microsoft’s Secure by Design journey: One year of success

Apr 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/17/microsofts-secure-by-design-journey-one-year-of-success/ Source: Microsoft Security Blog Title: Microsoft’s Secure by Design journey: One year of success Feedly Summary: Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative. The post Microsoft’s Secure by…

The Register: AI can’t stop making up software dependencies and sabotaging everything

Apr 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/ Source: The Register Title: AI can’t stop making up software dependencies and sabotaging everything Feedly Summary: Hallucinated package names fuel ‘slopsquatting’ The rise of AI-powered code generation tools is reshaping how developers write software – and introducing new risks to the software supply chain in the process.… AI Summary and Description: Yes…

Simon Willison’s Weblog: CaMeL offers a promising new direction for mitigating prompt injection attacks

Apr 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/11/camel/#atom-everything Source: Simon Willison’s Weblog Title: CaMeL offers a promising new direction for mitigating prompt injection attacks Feedly Summary: In the two and a half years that we’ve been talking about prompt injection attacks I’ve seen alarmingly little progress towards a robust solution. The new paper Defeating Prompt Injections by Design from Google…

Tag: injection