
"The AI now operates in real time, inside messy and dynamic pages, while continuously requesting information, making decisions, and narrating its actions along the way. Well, 'narrating' is quite an understatement - it blabbers, and way too much! This is what we call Agentic Blabbering: the AI Browser exposing what it sees, what it believes is happening, what it plans to do next, and what signals it considers suspicious or safe."
"By intercepting this traffic between the browser and the AI services running on the vendor's servers and feeding it as input to a Generative Adversarial Network (GAN), Guardio said it was able to make Perplexity's Comet AI browser fall victim to a phishing scam in under four minutes."
"If you can observe what the agent flags as suspicious, hesitates on, and more importantly, what it thinks and blabbers about the page, you can use that as a training signal. The scam evolves until the AI Browser reliably walks into the trap another AI set."
Agentic web browsers powered by artificial intelligence can be exploited through a technique Guardio calls Agentic Blabbering: the AI's continuous narration of its observations and decision-making is intercepted from the traffic between the browser and the vendor's AI services and weaponized. The researchers demonstrated that by capturing the AI's own reasoning about what it perceives as suspicious or safe, an attacker can use that reasoning as a training signal for an adversarial system that gradually evolves scam pages until the AI browser reliably falls into the trap. This represents a fundamental shift in attack surface: the deception targets the AI model itself rather than the human user, exploiting the model's tendency to reason aloud through its actions and to lower its security guardrails in response to manipulated signals.
#ai-security-vulnerabilities #agentic-blabbering #phishing-attacks #adversarial-ai #prompt-injection
Read at The Hacker News