Imperva Threat Research reported multiple vulnerabilities in Dify, an open-source platform for building LLM applications, warning that private AI conversations, workflows and uploaded documents could be exposed across tenants in multi-tenant deployments. The cluster of issues, dubbed "DifyTap" by the firm, includes a one-click account takeover stemming from a file-handling flaw and a leak of other tenants' application source code due to weak tenant isolation in the code-execution sandbox.detailed report
Continue reading
The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.
Already purchased? Sign in✓ Signed in — this article isn’t included in your current plan.