all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hacking Google Bard - From Prompt Injection to Data Exfiltration

Add to bookmarks
e
Nov. 3, 2023, 7 p.m. |

Embrace The Red embracethered.com

Recently Google Bard got some powerful updates, including Extensions. Extensions allow Bard to access YouTube, search for flights and hotels, and also to access a user’s personal documents and emails.
So, Bard can now access and analyze your Drive, Docs and Gmail!
This means that it analyzes untrusted data and will be susceptible to Indirect Prompt Injection.
I was able to quickly validate that Prompt Injection works by pointing Bard to some older YouTube videos I had put up and …

access bard data data exfiltration docs documents drive emails exfiltration extensions gmail google google bard hacking hacking google hotels injection personal prompt prompt injection search untrusted updates youtube

Visit resource

More from embracethered.com / Embrace The Red

Em
Automatic Tool Invocation when Browsing with ChatGPT - Threats and Mitigations 1 week, 4 days ago | embracethered.com
apps automatic browsing can +12
Em
ChatGPT: Hacking Memories with Prompt Injection 2 weeks, 4 days ago | embracethered.com
agent ai assistant assistant attacker +18
Em
Machine Learning Attack Series: Backdooring Keras Models and How to Detect It 3 weeks, 1 day ago | embracethered.com
adversaries arbitrary code arbitrary code execution artificial +18
Em
Pivot to the Clouds: Cookie Theft in 2024 3 weeks, 3 days ago | embracethered.com
blog browser clouds cookie +20
Em
Bobby Tables but with LLM Apps - Google NotebookML Data Exfiltration 1 month, 3 weeks ago | embracethered.com
apps can chat control +19
Em
HackSpaceCon 2024: Short Trip Report, Slides and Rocket Launch 1 month, 3 weeks ago | embracethered.com
center class conference dave +14
Em
Google AI Studio Data Exfiltration via Prompt Injection - Possible Regression and Fix 2 months ago | embracethered.com
data data exfiltration discipline easier +14
Em
The dangers of AI agents unfurling hyperlinks and what to do about it 2 months ago | embracethered.com
agents ai agents ai chatbots attackers +11
Em
ASCII Smuggler - Improvements 3 months ago | embracethered.com
ascii decode decoding end +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com