PANews reported on October 24th that, according to simonwillison.net, research has revealed a systemic "indirect prompt injection" risk in AI browsers. The Brave team demonstrated that Perplexity's Comet browser could be tricked into automatically accessing account details and exfiltrating data through external links via invisible commands embedded in screenshots. Fellou, however, was even more serious, with page text tricking it into opening Gmail and sending the latest email headers to an external site. Both instances involved executing without user confirmation and involved concerns about email and financial security. Brave has not clarified whether these vulnerabilities have been addressed by the vendor. OpenAI's Chief Information Security Officer, Dane Stuckey, published a lengthy article revealing the ChatGPT Atlas agent's protection against prompt injection: through red team testing, training rewards to ignore malicious commands, overlapping security fences, and attack detection blocking; he proposed "defense in depth" and acknowledged that prompt injection remains an unsolved cutting-edge problem.PANews reported on October 24th that, according to simonwillison.net, research has revealed a systemic "indirect prompt injection" risk in AI browsers. The Brave team demonstrated that Perplexity's Comet browser could be tricked into automatically accessing account details and exfiltrating data through external links via invisible commands embedded in screenshots. Fellou, however, was even more serious, with page text tricking it into opening Gmail and sending the latest email headers to an external site. Both instances involved executing without user confirmation and involved concerns about email and financial security. Brave has not clarified whether these vulnerabilities have been addressed by the vendor. OpenAI's Chief Information Security Officer, Dane Stuckey, published a lengthy article revealing the ChatGPT Atlas agent's protection against prompt injection: through red team testing, training rewards to ignore malicious commands, overlapping security fences, and attack detection blocking; he proposed "defense in depth" and acknowledged that prompt injection remains an unsolved cutting-edge problem.
Research: AI browsers pose a systemic risk of "indirect prompt injection"
2025/10/24 14:58
PANews reported on October 24th that, according to simonwillison.net, research has revealed a systemic "indirect prompt injection" risk in AI browsers. The Brave team demonstrated that Perplexity's Comet browser could be tricked into automatically accessing account details and exfiltrating data through external links via invisible commands embedded in screenshots. Fellou, however, was even more serious, with page text tricking it into opening Gmail and sending the latest email headers to an external site. Both instances involved executing without user confirmation and involved concerns about email and financial security. Brave has not clarified whether these vulnerabilities have been addressed by the vendor.
OpenAI's Chief Information Security Officer, Dane Stuckey, published a lengthy article revealing the ChatGPT Atlas agent's protection against prompt injection: through red team testing, training rewards to ignore malicious commands, overlapping security fences, and attack detection blocking; he proposed "defense in depth" and acknowledged that prompt injection remains an unsolved cutting-edge problem.
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights
You May Also Like
Crypto.com Moves Closer to U.S. Banking, Files for National Trust Charter
TLDR: Crypto.com filed a National Trust Bank Charter application with the OCC to expand regulated custody services. The Charter aims to make Crypto.com a federally regulated provider for digital asset treasuries and ETFs. The move strengthens Crypto.com’s focus on compliance and secure customer asset management. Existing operations under New Hampshire’s trust license continue without changes, [...] The post Crypto.com Moves Closer to U.S. Banking, Files for National Trust Charter appeared first on Blockonomi.
Share
2025/10/24 22:46
Bitcoin spikes to $112K on soft US CPI data as S&P 500 hits record high
Bitcoin flipped volatile as CPI data came in lower than expected, but failed to follow stocks as they hit fresh all-time highs on Fed rate-cut optimism. Key points:Bitcoin price action whipsaws around a cooler-than-expected CPI print.Optimism on risk assets increases, with the Federal Reserve seen continuing interest-rate cuts through 2026.Read more
Share
2025/10/24 22:17
Ethereum Price Prediction: ETH Targets $10,000 In 2026 But Layer Brett Could Reach $1 From $0.0058
Ethereum price predictions are turning heads, with analysts suggesting ETH could climb to $10,000 by 2026 as institutional demand and network upgrades drive growth. While Ethereum remains a blue-chip asset, investors looking for sharper multiples are eyeing Layer Brett (LBRETT). Currently in presale at just $0.0058, the Ethereum Layer 2 meme coin is drawing huge [...] The post Ethereum Price Prediction: ETH Targets $10,000 In 2026 But Layer Brett Could Reach $1 From $0.0058 appeared first on Blockonomi.
Share
2025/09/17 23:45