After Microsoft invested $10 billion, OpenAI snubs Windows 11 as it releases ChatGPT app first on Mac. "We're just prioritizing where our users are."
Slow cooked short rib & lamb with fire-grilled Guajillo, Ancho, & New Mexico chilis, 3 heads of roasted whole garlic, and a little Sam Adams deglaze prior for good measure. 👨‍🍳
It's that time of year reviewing security conference submissions where the proposals range from: "I literally cannot provide a single coherent sentence about what the hell my talk is about." to: "I've been quietly working in solitude for 2 years and can now demonstrate full cross-customer pwn on [insert major cloud platform]. With zero logging or detection."
Incredible research at BlackHat Asia today by Tong Liu and team from the Institute of Information Engineering, Chinese Academy of Sciences (email at iie.ac.cn verified)
A dozen+ RCEs on popular LLM framework libraries like LangChain and LlamaIndex - used in lots of chat-assisted apps including GitHub. These guys got a reverse shell in two prompts, and even managed to exploit SetUID for full root on the underlying VM!
TL;DR: The most popular chat-assisted app frameworks aren't even doing basic process sandboxing or sane file/network isolation. We are still very much in the early infancy of security maturity with current gen LLMs.