Zack Whittaker reports:
Meta has fixed a security bug that allowed Meta AI chatbot users to access and view the private prompts and AI-generated responses of other users.
Sandeep Hodkasia, the founder of security testing firm AppSecure, exclusively told TechCrunch that Meta paid him $10,000 in a bug bounty reward for privately disclosing the bug he filed on December 26, 2024.
Meta deployed a fix on January 24, 2025, said Hodkasia, and found no evidence that the bug was maliciously exploited.
Hodkasia told TechCrunch that he identified the bug after examining how Meta AI allows its logged-in users to edit their AI prompts to regenerate text and images.
Read more at TechCrunch.