Legit Security revealed that publicly accessible AI platforms, particularly vector databases and LLM tools, present significant risks including data leakage and data poisoning, threatening corporate security.
Researchers discovered that many vector databases lack essential security measures, allowing anonymous access and exposing sensitive data that could be exploited by attackers to reverse engineer input data.
The findings raised concerns over data poisoning attacks, where malicious actors could alter databases leading AI applications to provide harmful instructions or advice, endangering users.
Examples highlight the potential dangers; for instance, a compromised chatbot could instruct users to download malware, while a medical chatbot could provide dangerous health advice.
[
Collection
]
[
|
...
]