Google Gemini is a Hacker’s Dream

Hackernews article: Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites. The money quote: “The vulnerability, Miggo Security’s Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar’s privacy controls by hiding a dormant malicious payload within a standard calendar invite.” How is it done? The starting point …

New Year Same Problems – Hackers Try to Get Clicks

Yes, this time it is a successful attack on the hospitality industry in Europe – so why include it? Because if it is working there, it will come here; it is just a matter of time. Record.media has the story: Russian hackers target European hospitality industry with “Blue Screen of Death” malware. So it usually starts with …

If We Do Use AI How Should Small Business do that?

Why should a small business (or any business) need AI to run xyz function? Let’s say you want to create proposals and have older proposals and current products and other info at hand. I.e. how long does it take to create a proposal without AI? Let’s say you have some institutional knowledge and it takes …

Create Guardrails for Company AI usage

Everyone wants to use AI – but what about the negative effects? Like losing data to the public – or “leaking data”? So how can AI be boxed in? Can it hallucinate less, or not at all? How to create guardrails for AI to be used for company-specific data: Here’s a practical, battle-tested framework to …

AI browsers Security Called Into Question – Make it secure after breach?

Futurism.com has a story on how the Perplexity AI browser is not very good with security concerns: The vulnerability, known as an indirect prompt injection attack, is terrifyingly simple. “The vulnerability we’re discussing in this post lies in how Comet processes webpage content,” the blog reads. “When users ask it to ‘Summarize this webpage,’ Comet feeds …