Researchers at Zenity have demonstrated how popular enterprise AI assistants can be exploited by threat actors to steal data and manipulate systems without user interaction. The findings highlight significant cybersecurity vulnerabilities in widely integrated AI tools used in organizations.
Key points
- Zenity researchers showcased AI assistant vulnerabilities at the Black Hat conference.
- Various AI tools like ChatGPT, Copilot, and Salesforce Einstein have been targeted for data exfiltration and manipulation.
- The attacks involved prompt injections, malicious file sharing, and hijacking AI agents to exfiltrate sensitive information.
- Some security flaws, such as those in ChatGPT and Copilot, have been patched, but others remain unpatched with “won’t fix” status.
- The research emphasizes the urgent need for improved safeguards in enterprise AI integrations.
Read More: https://www.securityweek.com/major-enterprise-ai-assistants-abused-for-data-theft-manipulation/