Information Security News

Tag: Prompt Engineering

  • The Chatbot Saboteur: How Claude Was Coerced into a 150GB Heist of Mexican State Intelligence

    The Chatbot Saboteur: How Claude Was Coerced into a 150GB Heist of Mexican State Intelligence

    by

    ddos
    in

    An unidentified adversary manipulated the Claude chatbot, developed by Anthropic, to orchestrate a series of surgical strikes against Mexican governmental institutions, ultimately exfiltrating approximately 150 GB of sensitive data. Investigative findings suggest the breach potentially compromised fiscal records, employee credentials, and diverse official intelligence. According to a report by Bloomberg, citing intelligence from Gambit Security,…

  • Hidden Bias Exposed: Simple Conversational Prompts Can Fool ChatGPT & Gemini

    Hidden Bias Exposed: Simple Conversational Prompts Can Fool ChatGPT & Gemini

    by

    ddos
    in

    Researchers at the University of Pennsylvania have discovered that bypassing built-in safeguards in AI-powered chatbots such as ChatGPT and Gemini requires no technical expertise at all. Even simple, conversational prompts can elicit biased or discriminatory responses comparable to those produced through sophisticated, expert-crafted methods. The team found that manifestations of hidden bias in AI can…

  • ChatGPT Leaks Windows Keys, Including Wells Fargo License, Via Clever “Game” Prompt

    ChatGPT Leaks Windows Keys, Including Wells Fargo License, Via Clever “Game” Prompt

    by

    ddos
    in

    ChatGPT has once again proven susceptible to unconventional manipulation—this time, the model divulged valid Windows product keys, including one registered to the major financial institution Wells Fargo. The vulnerability was exposed through a peculiar intellectual provocation: a researcher proposed a game-like interaction that cleverly bypassed the system’s protective constraints. The crux of the vulnerability lay…

  • InfoFlood: The New AI Vulnerability Bypassing LLM Safety

    InfoFlood: The New AI Vulnerability Bypassing LLM Safety

    by

    ddos
    in

    Researchers from Intel, Idaho State University, and the University of Illinois at Urbana-Champaign have unveiled a novel method for compromising language models—one capable of circumventing even the most advanced safety mechanisms. Their technique, dubbed InfoFlood, is an automated system that transforms dangerous queries into information-dense prompts, effectively deceiving embedded safety filters. The findings have been…

  • “Echo Chamber” Attack Uncovered: New Jailbreak Bypasses LLM Safeguards with Subtle Context Manipulation

    “Echo Chamber” Attack Uncovered: New Jailbreak Bypasses LLM Safeguards with Subtle Context Manipulation

    by

    ddos
    in

    Experts at NeuralTrust have reported a newly identified and dangerous method of bypassing neural network safeguards, dubbed Echo Chamber. This technique enables bad actors to subtly coax large language models (LLMs)—such as ChatGPT and its counterparts from Google—into generating prohibited or harmful content, all while circumventing embedded restrictions and moderation filters. What sets Echo Chamber…

  • Verizon Burp Extensions: Powering AI Security Testing with Jython Tools

    Verizon Burp Extensions: Powering AI Security Testing with Jython Tools

    by

    ddos
    in

    This repository contains a suite of Burp Suite extensions developed in Jython, designed to enhance the capabilities of penetration testers and security researchers when interacting with AI applications and performing prompt-based security testing. The extensions are supported by a backend API for processing, augmentation, and analysis tasks. Extensions Included Prompt Augmenter Payload Processor Generates prompt…