This attack is ongoing, with the attackers shifting from `npm` to `bun` for malware installation. If you see information we're missing, please consider contributing!
Arch users, please take note!
I guess Anthropic wanted to avoid the 1-2 punch of losing Fable *and* getting the customer outrage of usage-based billing like Copilot 🙃
I've resisted the analogy of asbestos as it sounds too simple. But I do think that as long as the technology is available, you're going to uncover generative AI in all sorts of processes that should have nothing to do with it.
Who else had weird issues today with Google auth-using sites requesting certificates?
Seems like it was this:
www.reddit.com/r/tec...
Indirect prompt injection attacks are really in their infancy. As we enable more agents and more tools/integrations, the possibilities for this *fundamentally unfixable* vulnerability get scarier.
Imagine giving all your secrets to an assistant and *expecting* them to get phished. That's what this is.