Simon WillisonMay 19, 2023
Here's the first proof of concept I've seen of a prompt injection attack against ChatGPT Plugins - the successful attack uses Zapier to access the user's email and then exfiltrates the data using WebPilot https://simonwillison.net/2023/May/19/chatgpt-prompt-injection/
Let ChatGPT visit a website and have your email stolen

Johann Rehberger provides a screenshot of the first working proof of concept I've seen of a prompt injection attack against ChatGPT Plugins that demonstrates exfiltration of private data. He uses …

Show threadDavid CarrollMay 19, 2023

@simon @glynmoody

Apparently the industry did not learn a valuable lesson from the Cambridge Analytica scandal.

Show threadGlyn Moody
@profcarroll it didn't want to, did it...? @simon
May 19, 2023 at 4:16pmWeb