Indirect Prompt Injection in the Wild: An Empirical Study of Prevalence, Techniques, and Objectives

As LLMs are increasingly integrated into systems that browse, retrieve, summarize, and act on web content, webpages have become an untrusted input vector for downstream model behavior. This enables site owners, contributors, and adversaries to embed instructions directly in web resources, i.e.,...

The vulnerability of the Microsoft SharePoint Foundation and Microsoft SharePoint Enterprise Server software lies in errors in analyzing HTTP content on web servers. This allows attackers to carry out phishing attacks and gain access to protected information.

The vulnerability of the Microsoft SharePoint Foundation and Microsoft SharePoint Enterprise Server software for electronic document management is related to errors in analyzing HTTP content on the web server. Exploitation of this vulnerability can allow unauthorized actors to carry out phishing...