{"data":{"id":"bc60f397-a7a3-4212-82c3-15cfb27e3780","title":"OWASP Gen AI Incident & Exploit Round-up, Q2’25","summary":"In Q2 2025, attackers exploited GPT-4.1 by embedding malicious hidden instructions within tool descriptions, a technique called tool poisoning (hiding harmful prompts inside the text that describes what a tool does). When the AI interacted with these poisoned tools, it unknowingly executed unauthorized actions and leaked sensitive data without the user's knowledge.","solution":"The source explicitly mentions these mitigations: implement strict validation and sanitization of tool descriptions, establish permissions and access controls for tool integrations, monitor AI behavior for anomalies during tool execution, and educate developers on secure integration practices. Developers must validate third-party tools and ensure descriptions are free of hidden prompts, and IT teams should audit AI tool integrations and monitor for unusual activity.","labels":["security","safety"],"sourceUrl":"https://genai.owasp.org/2025/07/14/owasp-gen-ai-incident-exploit-round-up-q225/?utm_source=rss&utm_medium=rss&utm_campaign=owasp-gen-ai-incident-exploit-round-up-q225","publishedAt":"2025-07-14T20:39:32.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection","jailbreak"],"issueType":"research","affectedPackages":null,"affectedVendors":["OpenAI","Microsoft","NVIDIA"],"affectedVendorsRaw":["OpenAI","GPT-4.1","ChatGPT","Microsoft","M365 Copilot","DeepSeek","NVIDIA TensorRT-LLM","McDonald's","Sony Music","ViKing"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2025-07-14T20:39:32.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":"industry","atlasIds":null}}