This demo shows how a prompt injection attack hidden within a user's profile can lead to data exfiltration when processing untrusted data with NotebookLM.
Detailed blog: embracethered....
Responsible Disclosure
===================
Update: After public disclosure, the Google NotebookLM team reached out to me and fixed the vulnerability within a few days!
This vulnerability was responsibly disclosed to Google on December 4th, 2023. Google confirmed the vulnerability; however, so far no mitigation has been put in place. To follow responsible-disclosure industry norms for vulnerabilities that are not fixed in a reasonable time (e.g. 90 days), this demo is made public to raise awareness and help users protect themselves. It has been over 132 days since the responsible disclosure.
24 Sep 2024