August 22, 2024 at 11:47AM Salesforce’s Slack AI has patched a flaw identified by security firm PromptArmor, which could have allowed attackers to steal data from private Slack channels or engage in secondary phishing within the platform. The flaw is related to the use of a language model that did not recognize malicious instructions, enabling … Read more
May 25, 2024 at 06:18AM A critical security flaw in AI-as-a-service provider Replicate allowed unauthorized access to proprietary AI models and sensitive information due to a vulnerability in its containerization process. The flaw was responsibly disclosed and addressed, and there is no evidence of exploitation. However, it highlights the potential risks of malicious models in … Read more
March 19, 2024 at 08:06AM AI email security controls are being bypassed by credential-stealing emails that hide malicious payloads within harmless-looking emails. This poses a major threat to enterprise networks. After reviewing the meeting notes, the key takeaways are: 1. Credential-stealing emails are bypassing AI’s “known good” email security controls by disguising malicious payloads in … Read more