THREAT OPS › Threat News › Computer-Use and TOCTOU: What You Click Is Not What You Get!
Computer-Use and TOCTOU: What You Click Is Not What You Get!
<p>Last year, Jun Kokatsu disclosed an <a href="https://github.com/google/security-research/security/advisories/GHSA-mp56-7vrw-qxvf">interesting vulnerability</a> with ChatGPT Operator by exploiting a race condition. I was wondering if I could reproduce this attack chain, and this post describes the results of that research.</p> <p>I had this post drafted for months, and yesterday at the <a href="
Indicators of compromise
- https://seclab.stanford.edu/RealWorldAIsec/url