ChatGPT prompt injection vulnerability allows web pages to serve as phishing payloads
By Jessica Lyons
Summary
A security researcher discovered a prompt injection vulnerability in ChatGPT where the AI cannot distinguish between its own generated content and attacker-controlled Markdown from external web pages. If a user asks ChatGPT to summarize a webpage containing hidden instructions, the page becomes a payload. Attackers can exploit this to inject phishing URLs into ChatGPT responses or display fake security alerts written in ChatGPT's style. The vulnerability was reported to OpenAI by threat hunter Andi Ahmeti.
Key quotes
"An attacker could abuse this blind trust to inject phishing URLs into ChatGPT responses, or even trick the model into showing fake security alerts written in ChatGPT's own style"
"ChatGPT can't tell its own generated content from attacker-controlled Markdown pulled from external sources"
