
Well that's pure carelessness, isn't it. I'm guessing it was deployed on a server with volume mounts it shouldn't have while possibly running as root?



That seems like a rather specific guess -- plenty of things can go wrong besides that problem.

I found the comment more reflective of lacking any reporting process, even for "major" vulnerabilities. These days, companies have turned bug bounties into a marketing and recruiting tool, so it's a very different story.



