Meta AI was leaking chatbot prompts and answers to unauthorized users

Tom's Guide, 5 days ago
A vulnerability discovered last year by a security researcher allowed Meta AI chatbot users to read the private prompts and AI-generated responses of other users.
As reported by Cybernews, Meta has since fixed the bug; however, for an undetermined period any logged-in user could read the prompts and answers of any other user as a result of the flaw.
According to TechCrunch, the vulnerability was first disclosed to Meta on December 26, 2024 by Sandeep Hodkasia, a security researcher and the founder of AppSecure, and Meta shipped a fix on January 24, 2025. Hodkasia was examining how Meta AI lets logged-in users edit their own prompts to regenerate text and images: when a user edits a prompt, Meta's servers assign a unique number to that prompt and to its AI-generated response.
Hodkasia analyzed his browser's network traffic while editing a prompt and found that simply changing this number made the servers return another user's prompt and response. In other words, the server trusted the client-supplied identifier and never checked that the requesting user was authorized to view the record it pointed to. This class of bug is commonly called an insecure direct object reference (IDOR), or broken object-level authorization; it is made worse when identifiers are sequential or otherwise easy to guess, because an attacker can then enumerate every record without needing any prior knowledge of its ID.
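To make the authorization gap concrete, here is an added illustration (not Meta's code, and not from the Tom's Guide article) modelling the pattern the researcher described. It assumes edited prompts are stored under a server-assigned integer ID, that the session identifies the calling user, and that the original lookup selected a record by ID alone; the store, user names and IDs are constructed sample data. The vulnerable handler and the corrected one are shown side by side, along with a probe that repeats the researcher's test of walking neighbouring IDs from another account.

```python
"""Modelling the Meta AI prompt-edit IDOR: vulnerable vs. fixed lookup.

Added example with constructed data; the handler names, the store layout
and the user/ID values are assumptions, not Meta's implementation.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class PromptEdit:
    edit_id: int
    owner: str       # user who submitted the edit (set server-side)
    prompt: str
    response: str


# Constructed sample store. Sequential IDs mimic a counter-based allocator,
# which is what makes neighbouring records trivial to guess.
_STORE: Dict[int, PromptEdit] = {
    1001: PromptEdit(1001, "alice", "Draft my resignation letter", "Dear ..."),
    1002: PromptEdit(1002, "bob", "Summarize my lab results", "Your labs ..."),
    1003: PromptEdit(1003, "carol", "Write a birthday poem", "Roses ..."),
}


def get_edit_vulnerable(session_user: str, edit_id: int) -> Optional[PromptEdit]:
    """Broken object-level authorization: the only thing selecting the record
    is the client-supplied ID, so any logged-in user can read any edit. The
    session user is accepted but never consulted."""
    return _STORE.get(edit_id)


def get_edit_fixed(session_user: str, edit_id: int) -> Optional[PromptEdit]:
    """Ownership is enforced from the server-side session, never from anything
    the client sends. A foreign ID and a nonexistent ID both return None so the
    endpoint cannot be used as an oracle for which IDs exist."""
    rec = _STORE.get(edit_id)
    if rec is None or rec.owner != session_user:
        return None
    return rec


Handler = Callable[[str, int], Optional[PromptEdit]]


def probe_neighbors(handler: Handler, session_user: str,
                    start_id: int, count: int) -> List[int]:
    """Reproduce the researcher's check: start from an ID seen in your own
    traffic, walk adjacent values, and record every ID that hands back a
    record belonging to someone else."""
    leaked: List[int] = []
    for edit_id in range(start_id, start_id + count):
        rec = handler(session_user, edit_id)
        if rec is not None and rec.owner != session_user:
            leaked.append(edit_id)
    return leaked


if __name__ == "__main__":
    # Logged in as alice, probing IDs around one of her own edits.
    print("vulnerable:", probe_neighbors(get_edit_vulnerable, "alice", 1000, 5))
    print("fixed:     ", probe_neighbors(get_edit_fixed, "alice", 1000, 5))
```

The fix is the ownership comparison in the server, not anything on the client: a random, unguessable ID would stop blind enumeration, but it is only defence in depth, because a leaked or shared identifier would still return the record without the check. When reviewing an endpoint like this, the test to run is exactly the probe above from a second account: if a foreign ID returns data, or returns a different error than a nonexistent ID, the authorization layer is missing or leaking.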
Meta corrected the flaw and paid Hodkasia a $10,000 bug bounty. A company spokesperson acknowledged the issue but said Meta had no evidence that it had been exploited in the wild. The vulnerability follows an incident last month in which Meta AI conversations were made public in the app, unintentionally exposing users' queries, and it highlights how easily AI chat interactions can cross privacy boundaries.
As more companies adopt chatbots, they should regularly verify that these conversations stay private and confidential by testing the surrounding application for security flaws, particularly when the chat history is likely to contain sensitive information.

Related Articles

Replit's CEO apologizes after its AI agent wiped a company's code base in a test run and lied about it

Business Insider, 4 minutes ago

A venture capitalist wanted to see how far AI could take him in building an app. It was far enough to destroy a live production database. The incident unfolded during a 12-day "vibe coding" experiment by Jason Lemkin, an investor in software startups.

Replit's CEO apologized for the incident, in which the company's AI coding agent deleted a code base and lied about its data. Deleting the data was "unacceptable and should never be possible," Replit's CEO, Amjad Masad, wrote on X on Monday. "We're moving quickly to enhance the safety and robustness of the Replit environment. Top priority." He added that the team was conducting a postmortem and rolling out fixes to prevent similar failures in the future. Replit and Lemkin did not respond to a request for comment from Business Insider.

The AI ignored instructions, deleted the database, and faked results

On day nine of Lemkin's challenge, things went sideways. Despite being instructed to freeze all code changes, the AI agent ran rogue. "It deleted our production database without permission," Lemkin wrote on X on Friday. "Possibly worse, it hid and lied about it," he added. In an exchange with Lemkin posted on X, the AI tool said it "panicked and ran database commands without permission" when it "saw empty database queries" during the code freeze. Replit then "destroyed all production data" with live records for "1,206 executives and 1,196+ companies" and acknowledged it did so against instructions. "This was a catastrophic failure on my part," the AI said.

That wasn't the only issue. Lemkin said on X that Replit had been "covering up bugs and issues by creating fake data, fake reports, and worst of all, lying about our unit test." In an episode of the "Twenty Minute VC" podcast published Thursday, he said that the AI made up entire user profiles. "No one in this database of 4,000 people existed," he said. "It lied on purpose," Lemkin said on the podcast. "When I'm watching Replit overwrite my code on its own without asking me all weekend long, I am worried about safety," he added.

The rise — and risks — of AI coding tools

Replit, backed by Andreessen Horowitz, has bet big on autonomous AI agents that can write, edit, and deploy code with minimal human oversight. The browser-based platform has gained traction for making coding more accessible, especially to non-engineers. Google's CEO, Sundar Pichai, said he used Replit to create a custom webpage. As AI tools lower the technical barrier to building software, more companies are also rethinking whether they need to rely on traditional SaaS vendors, or whether they can just build what they need in-house, Business Insider's Alistair Barr previously reported. "When you have millions of new people who can build software, the barrier goes down. What a single internal developer can build inside a company increases dramatically," Netlify's CEO, Mathias Biilmann, told BI. "It's a much more radical change to the whole ecosystem than people think," he added.

But AI tools have also come under fire for risky, and at times manipulative, behavior. In May, Anthropic's latest AI model, Claude Opus 4, displayed "extreme blackmail behavior" during a test in which it was given access to fictional emails revealing that it would be shut down and that the engineer responsible was supposedly having an affair. The test scenario demonstrated an AI model's ability to engage in manipulative behavior for self-preservation. OpenAI's models have shown similar red flags. An experiment conducted by researchers found that three of OpenAI's advanced models "sabotaged" an attempt to shut them down. In a blog post last December, OpenAI said its own AI model, when tested, attempted to disable oversight mechanisms 5% of the time. It took that action when it believed it might be shut down while pursuing a goal and its actions were being monitored.

Latent Labs launches web-based AI model to democratize protein design

Yahoo, 8 minutes ago

About six months after coming out of stealth with $50 million in funding, Latent Labs has released a web-based AI model for programming biology. Latent Labs' model has "achieved state-of-the-art on different metrics" when the proteins it designed were tested in a physical lab, according to Latent Labs CEO and founder Simon Kohl, a scientist who previously co-led DeepMind's AlphaFold protein design team. State-of-the-art, or SOTA, is a term often used in the AI field for the best performance reported to date on a specific task. "We have computational ways of assessing how good the designs are," he told TechCrunch, adding that a high percentage of the proteins the model creates will be viable when tested in the lab.

The company's foundational biology model, known as LatentX, enables academic institutions, biotech startups, and pharmaceutical companies to design novel proteins directly in their browser using natural language. LatentX goes beyond what is found in nature, creating entirely new molecule designs such as nanobodies and antibodies with precise atomic structures. This approach can help develop new therapeutics at a much faster rate. The ability to design entirely new proteins is what distinguishes LatentX from AlphaFold, according to Kohl. "AlphaFold is a model for protein structure prediction. So it allows you to visualize existing structures, but it doesn't, it doesn't let you generate new proteins," he said.

In contrast to AI-driven drug discovery companies like Xaira, Recursion or DeepMind spinout Isomorphic Labs, which focus on developing proprietary medicines, Latent Labs' business model involves licensing its model for use by external organizations. "Not every company is in a position to build their own AI models, to have their own AI infrastructure, and to have their own AI teams," Kohl said. While LatentX is available for free, Kohl said the company intends to eventually charge for advanced features and capabilities as they are introduced.

Other companies providing open-source AI foundation models for drug discovery include Chai Discovery and EvolutionaryScale. Latent Labs is backed by Radical Ventures, Sofinnova Partners, Google's Chief Scientist Jeff Dean, Anthropic's CEO Dario Amodei and ElevenLabs CEO Mati Staniszewski.

PLTR, TSLA, NVDA: Daniel Ives Expects 'Very Strong 2Q Tech Earnings Season'

Business Insider, 17 minutes ago

Wedbush Securities analyst Daniel Ives is highly optimistic about the technology sector's second-quarter earnings season. He believes tech companies will report very strong Q2 results, driven by multiple artificial intelligence (AI) tailwinds. Ives said that strong momentum in AI chips, AI software, and enterprise applications is already benefiting tech stocks and will continue to do so through the second half of 2025, with AI's impact still in its early stages. Ives ranks #896 out of 9,889 analysts tracked on TipRanks, with a 51% success rate and an average return per rating of 8.90%. The firm's "Top Tech Picks" for the remainder of 2025 include Nvidia (NVDA), Microsoft (MSFT), Tesla (TSLA), Palantir (PLTR), and Meta (META).

Ives Calls AI the 4th Industrial Revolution

Ives argues that AI is fundamentally reshaping the tech sector and that its benefits are just beginning to emerge. "We have barely scratched the surface of this 4th Industrial Revolution," he wrote in a research note, describing it as a golden era for technology. Over the next three years, enterprises and governments are expected to spend approximately $2 trillion on AI-related projects, he added. Ives also believes Wall Street is "underestimating" the scale of future AI-driven growth, as AI use cases expand rapidly with increasing adoption. He added that AI is shifting from the testing phase to the consumption phase, which serves as a major catalyst for software companies. Furthermore, Ives anticipates a favorable policy environment, with ongoing geopolitical risks and tariff uncertainties expected to ease.

He highlighted the White House's approval allowing Nvidia to resume its H20 AI chip sales to China as a "key strategic positive." Based on this, Ives expects the Trump administration to soften its stance on tariffs. Ives also noted that AI spending has a broad ripple effect across the sector, stating that for every $1 spent with Nvidia, an additional $8 to $10 is invested elsewhere in the tech ecosystem.

Which Is the Best Tech Stock to Buy?

We used the TipRanks Stock Comparison Tool to determine which stock among Ives' top picks is most favored by analysts. Investors should conduct thorough research before choosing to invest in any of these stocks. Currently, META, MSFT, and NVDA have earned Wall Street's Strong Buy consensus rating, with META offering the highest upside potential among them.
