Tag: injection
-
Simon Willison’s Weblog: Quoting Model Card Addendum: Claude 3.5 Haiku and Upgraded Sonnet
Source URL: https://simonwillison.net/2024/Oct/23/model-card/#atom-everything Source: Simon Willison’s Weblog Title: Quoting Model Card Addendum: Claude 3.5 Haiku and Upgraded Sonnet Feedly Summary: We enhanced the ability of the upgraded Claude 3.5 Sonnet and Claude 3.5 Haiku to recognize and resist prompt injection attempts. Prompt injection is an attack where a malicious user feeds instructions to a model…
-
METR Blog – METR: An update on our general capability evaluations
Source URL: https://metr.org/blog/2024-08-06-update-on-evaluations/ Source: METR Blog – METR Title: An update on our general capability evaluations Feedly Summary: AI Summary and Description: Yes **Summary:** The provided text discusses the development of evaluation metrics for AI capabilities, particularly focusing on autonomous systems. It aims to create measures that can assess general autonomy rather than solely relying…
-
Simon Willison’s Weblog: This prompt can make an AI chatbot identify and extract personal details from your chats
Source URL: https://simonwillison.net/2024/Oct/22/imprompter/#atom-everything Source: Simon Willison’s Weblog Title: This prompt can make an AI chatbot identify and extract personal details from your chats Feedly Summary: This prompt can make an AI chatbot identify and extract personal details from your chats Matt Burgess in Wired magazine writes about a new prompt injection / Markdown exfiltration variant…
-
The Register: Open source LLM tool primed to sniff out Python zero-days
Source URL: https://www.theregister.com/2024/10/20/python_zero_day_tool/ Source: The Register Title: Open source LLM tool primed to sniff out Python zero-days Feedly Summary: The static analyzer uses Claude AI to identify vulns and suggest exploit code Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day vulnerabilities in Python codebases with the…
-
CSA: AI Application Security & Fundamental Cyber Hygiene
Source URL: https://www.tenable.com/blog/securing-the-ai-attack-surface-separating-the-unknown-from-the-well-understood Source: CSA Title: AI Application Security & Fundamental Cyber Hygiene Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the emerging risks associated with LLM (Large Language Model) and AI applications, emphasizing the necessity for foundational cybersecurity practices and clear usage policies to mitigate vulnerabilities. It highlights the unique security…
-
The Register: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Source URL: https://www.theregister.com/2024/10/10/cisa_ivanti_fortinet_vulns/ Source: The Register Title: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame Feedly Summary: Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in…
-
The Register: Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware
Source URL: https://www.theregister.com/2024/10/09/goldenjackal_custom_malware/ Source: The Register Title: Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware Feedly Summary: USB sticks help, but it’s unclear how tools that suck malware from them are delivered A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of…