Mastodon Feed
Boosted by slightlyoff@toot.cafe ("Alex Russell"):
davatron5000 ("Dave Rupert") wrote:
The Perplexity Comet prompt injection attack that Brave demonstrated is pretty shocking. Visit a Reddit thread, hidden instructions make the browser log into a different site, then it checks gmail to get the OTP, and then it posts the email address and OTP back in the Reddit thread.
https://brave.com/blog/comet-prompt-injection/
And this is the "good guy" security researcher version of the attack. It could be infinitely worse.