Reading up on social-engineering
2 deep · digging since mar 12
- A backdoor in a LinkedIn job offer - Roman Imankulov
A fake recruiter sent a LinkedIn job candidate a GitHub repo with a backdoor that executes on npm install by running a remote-controlled command payload hidden in a test file.
- Designing AI agents to resist prompt injection
OpenAI argues that defending against prompt injection in AI agents requires treating attacks as social engineering and designing systems to constrain impact rather than just filtering inputs.