Threat IntelligenceNotion AI is susceptible to data exfiltration via indirect prompt injection due to a vulnerability in which AI document edits are saved before user approval.Notion AI allows users to interact with their documents using natural language… but what happens when AI edits are made prior to user approval?In this article, we document a vulnerability that leads Notion AI to exfiltrate user data (a sensitive hiring tracker document) via indirect prompt injection. Users are warned about...