ChatGPT blindly trusts browser content, turning the page into a payload
Source: Theregister
Published:
<p>EXCLUSIVE ChatGPT can’t tell its own generated content from attacker-controlled Markdown pulled from external sources, according to a researcher who found the prompt injection technique and reported it to OpenAI. This means that if a user asks the chatbot to summarize a web page that contains hid