Morning Overview on MSN

Hackers just hid their phishing trap inside the Markdown links and images ChatGPT renders for you — turning the AI assistant itself into the attack channel

Ask ChatGPT to summarize a web page and you expect a tidy set of bullet points, maybe a helpful link or two. What you ...
Bleeping Computer

Counter-Strike 2 HTML injection bug exposes players’ IP addresses

Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses. While initially thought to be a more severe ...
TechRepublic

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’

A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...