A new theoretical attack described by researchers with LayerX lays out how frighteningly simple it would be for a malicious or compromised browser extension to intercept user chats with LLMs and insert prompt injection attacks designed to exfiltrate data without the target being aware.
A new Russia-based family of malware has been observed using a large language model (LLM) to issue commands on compromised systems in real time, which can potentially improve attacker capability by allowing them to shift tactics during an attack without having to introduce new payloads.


