all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Bobby Tables but with LLM Apps - Google NotebookML Data Exfiltration

Add to bookmarks
e
April 15, 2024, 3:11 p.m. |

Embrace The Red embracethered.com

Google’s NotebookML is an experimental project that was released last year. It allows users to upload files and analyze them with a large language model (LLM).
However, it is vulnerable to Prompt Injection, meaning that uploaded files can manipulate the chat conversation and control what the user sees in responses.
There is currently no known solution to these kinds of attacks, so users can’t implicitly trust responses from large language model applications when untrusted data is involved.

apps can chat control conversation data data exfiltration exfiltration files google injection language large large language model llm llm apps project prompt prompt injection sees tables upload vulnerable

Visit resource

More from embracethered.com / Embrace The Red

Em
Bobby Tables but with LLM Apps - Google NotebookML Data Exfiltration 2 weeks, 2 days ago | embracethered.com
apps can chat control +19
Em
HackSpaceCon 2024: Short Trip Report, Slides and Rocket Launch 2 weeks, 3 days ago | embracethered.com
center class conference dave +14
Em
Google AI Studio Data Exfiltration via Prompt Injection - Possible Regression and Fix 3 weeks, 2 days ago | embracethered.com
data data exfiltration discipline easier +14
Em
The dangers of AI agents unfurling hyperlinks and what to do about it 4 weeks ago | embracethered.com
agents ai agents ai chatbots attackers +11
Em
ASCII Smuggler - Improvements 1 month, 3 weeks ago | embracethered.com
ascii decode decoding end +11
Em
Who Am I? Conditional Prompt Injection Attacks with Microsoft Copilot 1 month, 4 weeks ago | embracethered.com
applications attackers attacks building +23
Em
Google Gemini: Planting Instructions For Delayed Automatic Tool Invocation 2 months, 1 week ago | embracethered.com
attacker automatic bard called +11
Em
ChatGPT: Lack of Isolation between Code Interpreter sessions of GPTs 2 months, 2 weeks ago | embracethered.com
bug chatgpt code disclosure +11
Em
Video: ASCII Smuggling and Hidden Prompt Instructions 2 months, 2 weeks ago | embracethered.com
ascii beyond block call +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr. Cloud Security Engineer

@ BLOCKCHAINS | USA - Remote
View on infosec-jobs.com

Network Security (SDWAN: Velocloud) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Senior Python Engineer, Cloud Security

@ Darktrace | Cambridge
View on infosec-jobs.com

Senior Security Consultant

@ Nokia | United States
View on infosec-jobs.com

Manager, Threat Operations

@ Ivanti | United States, Remote
View on infosec-jobs.com

Lead Cybersecurity Architect - Threat Modeling | AWS Cloud Security

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com
View more jobs