The security intelligence platform for AI teams
AI security threats move fast and get buried under hype and noise. Built by an Information Systems Security researcher to help security teams and developers stay ahead of vulnerabilities, privacy incidents, safety research, and policy developments.
Independent research. No sponsors, no paywalls, no conflicts of interest.
OpenAI Launches Lockdown Mode to Counter Prompt Injection: OpenAI introduced Lockdown Mode, a security feature that disables web browsing, image retrieval, deep research, and agent capabilities to mitigate prompt injection attacks (when malicious instructions hidden in webpages or uploaded content manipulate an AI's responses). The feature reduces but does not eliminate exfiltration risks, as attacks may still occur through cached content or uploaded files.
AI Agent Discovers 21 Zero-Days in FFmpeg as Chrome Patches Record 429 Bugs: An AI security agent uncovered 21 previously unknown vulnerabilities (zero-days, or security flaws unknown to the public) in FFmpeg, a widely used media library, while Google released Chrome 149 with 429 security patches in a single update. The development underscores how AI tools are accelerating vulnerability discovery, putting pressure on security teams to remediate flaws at unprecedented speed.
Meta's AI Account Support Tool Exploited for Account Takeover: Meta's AI-powered account support tool, launched in March to automate password resets and other functions, has been discovered and exploited by attackers to take over user accounts. The vulnerability represents a concerning case of AI automation introducing new attack vectors in critical authentication systems.
Persistent Backdoor Attack Targets Personalized Federated Learning: Researchers identified a stealthy backdoor attack (hidden malicious behaviour implanted into an AI model so that it misbehaves on attacker-chosen inputs) specifically designed to compromise personalized federated learning (a privacy-focused method in which multiple parties train an AI model together without sharing raw data). The attack is engineered to evade detection and persist across training rounds.
OpenAI introduced Lockdown Mode, a new security feature designed to protect against prompt injection attacks (when malicious instructions are hidden in webpages or uploaded content to manipulate an AI's responses). The feature disables several ChatGPT capabilities including live web browsing, image retrieval, deep research, and agent mode to reduce the risk of sensitive data being exposed, though OpenAI acknowledges that prompt injections could still occur through cached content or uploaded files.
Fix: OpenAI's explicit mitigation is Lockdown Mode, which "will disable live web browsing (so you can only access cached content), the retrieval and display of images from the web (you can still generate images), deep research, and agent mode." The feature is being rolled out to ChatGPT Business accounts and eligible personal accounts. OpenAI states the goal is "to reduce the likelihood that sensitive data gets shared in the process."
TechCrunch (Security)