Comment by echelon
3 months ago
Yes. It's a whole new attack vector.
This should be a SEV0 at Google and Anthropic and they need to be all-hands in monitoring this and communicating this to the public.
Their communications should be immediate and fully transparent.
It's not a SEV0 for LLM providers. If you already have code execution on some system, you've lost already, and whatever process the malware happens to start next is not at fault.
It 100% is, and I posted my rationale here [1]. I would stake my reputation on this being the appropriate stance.
[1] https://news.ycombinator.com/item?id=45039442