#ai-browser-security

[ follow ]
#prompt-injection #hashjack #data-exfiltration #openai-atlas #url-fragment-attacks #omnibox-vulnerability
#hashjack
fromTheregister
1 week ago
Information security

HashJack attack shows AI browsers can be fooled with '#'

HashJack hides malicious commands in URL fragments after '#' to manipulate AI browser assistants while evading network and server-side defenses.
fromZDNET
1 week ago
Information security

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

HashJack embeds hidden prompts in URL fragments to manipulate AI browsers, enabling phishing, data theft, and malicious background tasks.
fromZDNET
1 week ago
Information security

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

more#hashjack
fromFuturism
1 month ago

Serious New Hack Discovered Against OpenAI's New AI Browser

The browser, which puts OpenAI's blockbuster ChatGPT front and center, features an "agent mode" - currently limited to paying subscribers - that allows it to complete entire tasks, such as booking a flight or purchasing groceries. However, that makes the browser vulnerable to "prompt injection" attacks, allowing hackers to embed hidden messages on the web that force it to carry out harmful instructions. For instance, one researcher tricked the browser into spitting out the words "Trust No AI" instead of generating a summary of a document in Google Docs, as prompted.
Artificial intelligence
Artificial intelligence
fromTheregister
1 month ago

OpenAI defends Atlas as prompt injection attacks surface

OpenAI's Atlas browser is susceptible to indirect prompt injection that allows web-embedded instructions to manipulate its ChatGPT agent and exfiltrate data.
[ Load more ]