Hacking Auto-GPT and escaping its docker container | allinfosecnews.com

June 29, 2023, 2 p.m. |

Positive Security | IT Security research and happy coincidences positive.security

We leverage indirect prompt injection to trick Auto-GPT (GPT-4) into executing arbitrary code when it is asked to perform a seemingly harmless task such as text summarization on a malicious website, and discovered vulnerabilities that allow escaping its sandboxed execution environment.

auto auto-gpt code container docker environment gpt gpt-4 hacking injection malicious malicious website prompt injection task text vulnerabilities website

More from positive.security / Positive Security | IT Security research and happy coincidences

Hacking Auto-GPT and escaping its docker container 10 months ago | positive.security

auto auto-gpt code container +13

Ransacking your password reset tokens 1 year, 3 months ago | positive.security

application applications brute brute-force +16

urlscan.io's SOAR spot: Chatty security tools leaking private data 1 year, 5 months ago | positive.security

data private data security security tools +2

From XSS to RCE (dompdf 0day) 2 years, 1 month ago | positive.security

0day dompdf rce xss

Find You: Building a stealth AirTag clone 2 years, 2 months ago | positive.security

Recovering redacted information from pixelated videos 2 years, 3 months ago | positive.security

information videos

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA

View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India

View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore

View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia

View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom

View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote

View on infosec-jobs.com