Security News

OpenAI is very smug after thwarting five ineffective AI covert influence ops
2024-05-30 23:29

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Stack Overflow suspends user for editing posts in OpenAI protest
2024-05-08 19:59

A recent partnership announcement between OpenAI and Stack Overflow has some members concerned that their data is being used without permission and will only lead to inaccurate information being created by LLMs. The partnership was announced on Monday, with OpenAI getting access to Stack Overflow's API and feedback from developers and StackCommerce getting links in ChatGPT back to its source material and receiving assistance using OpenAI models as part of its new OverflowAI platform. Epic Games UI designer Ben said he tried to edit his highest-rated answers and replace them with a message protesting the partnership with OpenAI. "Stack Overflow does not let you delete questions that have accepted answers and many upvotes because it would remove knowledge from the community," Ben posted on Mastodon.

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds
2024-04-26 00:40

The GPT-4 large language model from OpenAI can exploit real-world vulnerabilities without human intervention, a new study by University of Illinois Urbana-Champaign researchers has found. How successful is GPT-4 at autonomously detecting and exploiting vulnerabilities? GPT-4 can autonomously exploit one-day vulnerabilities.

OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories
2024-04-17 10:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Whizkids jimmy OpenAI, Google's closed models
2024-03-13 08:34

Boffins have managed to pry open closed AI services from OpenAI and Google with an attack that recovers an otherwise hidden portion of transformer models. "We thereby confirm, for the first time, that these black-box models have a hidden dimension of 1024 and 2048, respectively. We also recover the exact hidden dimension size of the gpt-3.5-turbo model, and estimate it would cost under $2,000 in queries to recover the entire projection matrix."

OpenAI’s Sora Generates Photorealistic Videos
2024-02-16 21:37

OpenAI released on Feb. 15 an impressive new text-to-video model called Sora that can create photorealistic or cartoony moving images from natural language text prompts. Sora isn't available to the public yet; instead, OpenAI released Sora to red teamers - security researchers who mimic techniques used by threat actors - to assess possible harms or risks.

OpenAI blocks state-sponsored hackers from using ChatGPT
2024-02-15 15:56

OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. The AI research organization took action against specific accounts associated with the hacking groups that were misusing its large language model services for malicious purposes after receiving key information from Microsoft's Threat Intelligence team. Forest Blizzard [Russia]: Utilized ChatGPT to conduct research into satellite and radar technologies pertinent to military operations and to optimize its cyber operations with scripting enhancements.

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things
2024-02-15 00:10

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. "We disrupted five state-affiliated malicious actors: two China-affiliated threat actors known as Charcoal Typhoon and Salmon Typhoon; the Iran-affiliated threat actor known as Crimson Sandstorm; the North Korea-affiliated actor known as Emerald Sleet; and the Russia-affiliated actor known as Forest Blizzard," the OpenAI team wrote.

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
2024-02-14 14:39

Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber...

OpenAI rolls out imperfect fix for ChatGPT data leak flaw
2023-12-21 16:44

OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According to the researcher who discovered the flaw, the mitigation isn't perfect, so attackers can still exploit it under certain conditions. Security researcher Johann Rehberger discovered a technique to exfiltrate data from ChatGPT and reported it to OpenAI in April 2023.