Set as Homepage - Add to Favorites

【Candy Apples Archives】

Source:Evergreen Information Network Editor:Shopping Time:2025-06-26 11:34:59

Thanks to new ChatGPT updates like the Code Interpreter,Candy Apples Archives OpenAI's popular generative artificial intelligence is rife with more security concerns. According to research from security expert Johann Rehberger (and follow-up work from Tom's Hardware), ChatGPT has glaring security flaws that stem from its new file-upload feature.

OpenAI's recent update to ChatGPT Plus added a myriad of new features, including DALL-E image generation and the Code Interpreter, which allows Python code execution and file analysis. The code is created and run in a sandbox environment that is unfortunately vulnerable to prompt injection attacks.

SEE ALSO: OpenAI's Sam Altman breaks silence on AI executive order

A known vulnerability in ChatGPT for some time now, the attack involves tricking ChatGPT into executing instructions from a third-party URL, leading it to encode uploaded files into a URL-friendly string and send this data to a malicious website. While the likelihood of such an attack requires specific conditions (e.g., the user must actively paste a malicious URL into ChatGPT), the risk remains concerning. This security threat could be realized through various scenarios, including a trusted website being compromised with a malicious prompt — or through social engineering tactics.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
You May Also Like

Tom's Hardware did some impressive work testing just how vulnerable users may be to this attack. The exploit was tested by creating a fake environment variables file and using ChatGPT to process and inadvertently send this data to an external server. Although the exploit's effectiveness varied across sessions (e.g., ChatGPT sometimes refused to load external pages or transmit file data), it raises significant security concerns, especially given the AI's ability to read and execute Linux commands and handle user-uploaded files in a Linux-based virtual environment.

Related Stories
  • Cyberattack to blame for major ChatGPT outage
  • ChatGPT Plus users reporting issues since the DALL-E 3 upgrade
  • OpenAI's Sam Altman breaks silence on AI executive order
  • Humane launches 'Ai Pin,' a screenless wearable powered by OpenAI
  • OpenAI is being sued for training ChatGPT with 'stolen' personal data

As Tom's Hardware states in its findings, despite seeming unlikely, the existence of this security loophole is significant. ChatGPT should ideally notexecute instructions from external web pages, yet it does. Mashablereached out to OpenAI for comment, but it did not immediately respond to our request.

Topics Artificial Intelligence ChatGPT OpenAI

Previous:Best IPL deal: Save $80 on Braun IPL Silk·Expert

Next:How to Squeeze the Most Out of Your iPhone's Battery

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

15 memes about student loans for when you're in debt and need to laugh it offWoman's car got stuck in the middle of a farmer's market after she left it overnightAOC calls out Mitch McConnell for pic of his supporters groping a cutout of herJake Paul and Tana Mongeau's wedding was absolute, glorious chaosActivision Blizzard president leaves company to head the Bored Ape Yacht ClubDesperate farmer destroys rare Lion King toy on live TV to make a point about online bullyingWordle today: Here's the answer, hints for December 17Former Tinder exec sues over sexual assault, wrongful terminationFamily vlog channel sells creepily lifelike dolls modeled after their newborn babyWho is Kiri's father in 'Avatar: The Way of Water'?Chris Evans bluntly shuts down Fox host on Twitter5 things we would love to see in 'Avatar 3'AOC calls out Mitch McConnell for pic of his supporters groping a cutout of her'Quordle' today: See each 'Quordle' answer and hints for December 18Brexit is destroying sex livesWordle today: Here's the answer, hints for December 16Meghan Markle's 'Vogue' video is basically a who's who of empowering womenTwo goats strut their stuff in a highly memeSometimes texting your 'number neighbor' goes horrifically wrong'Quordle' today: See each 'Quordle' answer and hints for December 18 Taco Bell's Cheetos Questions about 'Rogue One'? Ask the director on Twitter Friday Scientists discover a super Guy mistakes jellyfish for a fake breast, hands it in to confused police Watch Lady Gaga sing alongside French fans in spontaneous street performance Play the new 'Overwatch' map Oasis right now Liam Payne and Cheryl are having a baby and One Direction fans are losing it Politician unleashes bizarre whip analogy in response to refugee protesters Seal thinks he's a cow and makes a paddock his home Reserve Bank of India website hit with 14X traffic post PM Modi's demonetization speech Father's search for autistic son's cup completed thanks to the kindness of the internet Here's hands down proof that Danny Dyer is one of the funniest men in Britain You can now watch every 'Harry Potter' film in 90 minutes Matthew McConaughey gives students rides to make sure they get home alright, alright, alright These alternative Christmas cards will stop you in your tracks Singing parrot gives Sia a run for her money with 'Chandelier' cover America's 8 most wanted household pets and barnyard animals Sweden builds super expensive Christmas goat effigy, arsonists burn it down 30 boring gifts that everyone secretly wants Canadian police officers want to prevent drunk driving with Nickelback

2.1927s , 8224.9375 kb

Copyright © 2025 Powered by 【Candy Apples Archives】,Evergreen Information Network  

Sitemap

Top

Quick Links