Widely known artificial intelligence email assistant EmailGPT was discovered by researchers from Synopsys' Cybersecurity Research Center to be impacted by a medium-severity prompt injection vulnerability, which could be exploited to enable data exposure, financial loss, and denial-of-service attacks, according to Hackread.
EmailGPT developers have already been informed regarding the flaw but the lack of any response so far has prompted CyRC researchers to recommend the immediate uninstallation of the email writing assistant, which is also available as a Google Chrome extension.
Such findings were noted by SlashNext CEO Patrick Harr to emphasize the value of robust governance in AI model development and security.
"Security and governance of the AI models are paramount as part of the culture and hygiene of companies building and proving the AI models either through applications or APIs. Customers particularly businesses need to demand proof of how the suppliers of these models are securing themselves including data access BEFORE they incorporate them into their business," said Harr.