GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

/in

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites.
GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users to write,

The Hacker News – ​Read More

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud...CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud MisconfigsU.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime OperationU.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime...