Why Prompt Injection Is the New Surface Attack and So Difficult by Design
In December 2023, a Chevrolet dealership made headlines when users coaxed its ChatGPT-powered chatbot into “agreeing” to sell cars for $1. Just months earlier, in February, Microsoft’s Bing had exposed its hidden “Sydney” persona, venting irritation at users and sparking widespread alarm about AI behavior.
These are examples of prompt injection in action. OWASP now ranks prompt injection as the #1 vulnerability in its LLM Top 10. What makes this challenging is the comparison with SQL injection, which took three decades to mature and for which we have now developed multiple methods of prevention.
This article has been indexed from DZone Security Zone