Ars Technica

Twitter pranksters derail GPT-3 bot with newly discovered “prompt injection” hack

Do any of these bots use their own previous outputs as further training data? That's one way these exploits could spread beyond "the same user who asks the bot to do something silly sees the bot doing ...