Using a single, carefully-crafted prompt, Cybernews researchers were able to manipulate Lenovo’s customer service AI chatbot, Lena, into giving up customer agent session cookies, which opened up the possibility of multiple lines of attack, from dropping backdoors and stealing to laterally moving through corporate networks.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/08/flaw-in-too-trusting-lenovo-chatbot-could-have-let-hackers-in/
