Slack’s AI, which provides tools to summarize conversations and search for information, is susceptible to “fast injection” attacks. This vulnerability allows attackers to access data from private channels by crafting custom queries that trick the AI ​​into leaking information. PromptArmor showed that attackers could inject malicious requests into public channels, which the AI ​​could then use to obtain sensitive data like API keys.

This flaw was exacerbated by a recent Slack update that included files from channels and direct messages in AI responses. This addition increases the risk, as attackers could use the feature to extract sensitive documents. PromptArmor recommended that Slack workspace administrators limit AI access to documents until a fix is ​​found.

Source: Ferra

Previous articleYou can now download The Callisto Protocol for free on the Epic Games Store.
Next articleBotulism victims prepare class action lawsuit against Kitchen on the District
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.

LEAVE A REPLY

Please enter your comment!
Please enter your name here