-
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage on its API platform. The breach exposed limited but sensitive user information, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The company has publicly revealed a security incident involving Mixpanel, a third-party analytics provider previously used to monitor activity on platform.openai.com, the frontend for its API product. The company emphasized transparency in its announcement, assuring users that the breach did not compromise OpenAI’s own systems, chat content, API keys, passwords, credentials, or payment information. On November […] The post OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be the most effective extraction method. Sora 2, OpenAI&…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, this threat demonstrates how adversaries …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix software vulnerabilities. The new tool, currently available in private beta, represents a signif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past year, federal agents struggled to uncover who operated a notorious child exploitation site on the dark web. Their search took an unexpected turn when the suspect revealed their use of ChatGPT, marking a significant moment in digital inves…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research discovered hitherto unknown samples, and what may be the earliest example known to date …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The latest technique, uncovered by AI researcher @LLMSherpa on X (formerly Twitter), exposes a little-known vulnerability in OpenAI’s ChatGPT system, a prompt insertion attack leveraging the user’s OpenAI account name. Unlike traditional prompt injections, which typically involve cleverly crafted user input, this method exploits the way OpenAI stores the account name within ChatGPT’s internal system […] The post New Prompt Insertion Attack – OpenAI Account Name Used to Trigger ChatGPT Jailbreaks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
