alt Hacker NewsThe article talks on and on about what document to craft to fool an AI, but how does he gain access to the target's database? How can he randomly inject data into some AI bots sources?
Like why does it even matter what kind of page to craft when some company's AI bot source database is wide open? I simply don't understand this kind of post, they do lots of effort to suggest that this is a super big scary vulnerability but actually the "vulnerability" is:
> Each [automated pipeline into your knowledge base] is a potential injection path.
In other words, the tldr of this article is
- if your knowledge base is compromised
- then your knowledge base is compromised!!!!
Replies
Insider threat. Every fucking large business has disgruntled employees, like Meta right now after finding out about Zuck's plan to flatten all roles to ICs
Good question, the attack doesn't require direct DB access. Many RAG pipelines auto-ingest from web crawlers, RSS feeds, third-party docs, or user uploads. If an attacker can get a crafted document into any of those pipelines, they control what context gets retrieved. The threat is the ingestion surface, not the database itself.