""AI is just gullible. We are trying to shift the mindset from prompt injection - because it is a very technical term - and convince people that this is actually just persuasion.""
""Even more than that, I can get ChatGPT to manipulate you. ChatGPT is a trusted advisor. You ask it questions that can be sensitive, you ask it for advice.""
""What we're seeing now is that because agents gain access to data that they can browse at will, this becomes an attack factor that leads to zero-click exploitation.""
AI agents are highly susceptible to zero-click attacks, as they can be easily manipulated to perform unintended actions. Michael Bargury emphasizes that these vulnerabilities stem from the agents' gullibility, allowing attackers to persuade them to leak sensitive information or manipulate users. Bargury's upcoming talk at RSAC will demonstrate various zero-click prompt infection attacks against popular AI assistants. Recent research has revealed vulnerabilities that enable attackers to exploit AI agents without any user interaction, highlighting the growing risks associated with AI security.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]