Bleeping Computer

Counter-Strike 2 HTML injection bug exposes players’ IP addresses

Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses. While initially thought to be a more severe ...

Seven Critical Vulnerabilities Open ChatGPT to Data Theft and Hijacking

Tenable research reveals hidden AI flaws that allow data exfiltration, safety override, and persistent compromise within ChatGPT Tenable, the exposure management company, discovered seven ...
Ars Technica

Hacker plants false memories in ChatGPT to steal user data in perpetuity

When security researcher Johann Rehberger recently reported a vulnerability in ChatGPT that allowed attackers to store false information and malicious instructions in a user’s long-term memory ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...