Publicly available GenAI development apps open to exploitation

New research from Legit Security shows that widely available GenAI development services risk sensitive information exposure, or leakage of secrets. Legit's analysis of unprotected vector databases finds that 30 servers investigated contained corporate or private data, including company email conversations, customer PII, product serial numbers, financial records, resumes, and contact information. In addition three vector databases from two of the most popular platforms belonging to companies in engineering services, fashion, and the industrial equipment sector contain documents, media summaries, customer details, and purchase information. Legit has contacted the owners of those publicly exposed servers, and most have now blocked access… [Continue Reading]