[SkalskiP]

On September 25, 2023, OpenAI announced the launch of a new feature that expands how people interact with its latest and most advanced model, GPT-4V(ision): the ability to ask questions about images. Among other things, GPT-4 is now able to read the text found in uploaded images. At the same time, this update opened a new vector of attack on Large Language Models (LLMs). Instead of putting a malicious phrase in a text prompt, it can be injected through an image.

- text vs. vision prompt injection - vision prompt injection using INVISIBLE text - STEALING data with vision prompt injection - preventing prompt injection (spoiler: not much you can do for now)