Salt Labs researchers identified generative AI ecosystems as a new interesting attack vector. vulnerabilities found during this research on ChatGPT ecosystem could have granted access to accounts of users, including GitHub repositories, including 0-click attacks.
Yeah, it’s a legit exploit.
But it could also be mitigated by not giving your sensitive data to chatgpt.
I think that I understand what you mean, but what you said was kinda obvious, and also not particularly useful to the overall conversation.
I think you mean “don’t give OpenAI access to your personal data”, which I personally agree with.
I read what you wrote as being analogous to a patient coming in to a doctor and saying “It hurts when I do this” only to have the doctor say “well, don’t do that then”.
Considering the company’s garbage history with treating our data with any real respect, I would also recommend strongly against giving them more information about yourself or your works. I also think that the people that have decided against that advice to use these plugins should be made aware of the issue with them and that also OpenAI should fix them promptly.