MobileSyrup
Microsoft’s plan to turn websites into AI apps has already hit a road bump in the form of an embarrassing security flaw.
Natural Language Web (NLWeb), which Microsoft announced back in May at its annual Build developer conference , was supposed to make websites queryable with natural language, kind of like interacting with AI chatbots like Copilot or ChatGPT. Microsoft described the project as like HTML for the agentic web.
However, researchers have now found a flaw in the NLWeb project that could allow any remote user to read sensitive files, like system configurations or even API keys for large language models (LLMs) like GPT-4.
Researchers Aonan Guan and Lei Wang found the flaw and reported it to Microsoft back in May, and Guan uploaded a blog post detailing how they found the flaw o
Crooks and Liars
Orlando Sentinel Politics
AlterNet