Dark Reading

Prompt Injections Loom Large Over ChatGPT's Atlas Browser

It's the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt ...
Windows Report

Microsoft to Block External Script Injection in Entra ID Sign-In for Stronger Security

Microsoft has announced that it's working on a major security update for Entra ID that will block external script injection during authentication.

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

Researchers are warning AI browser users about a new exploit called HashJack that can infect devices and steal data.

New AI browsers read, click and summarize for you — but experts warn they’re vulnerable to dangerous ‘prompt injections.' Here's how to stay safe

They’re smart, fast and convenient — but AI browsers can also be fooled by malicious code. Here’s what to know before you try ...
Infosecurity Magazine

HashJack Indirect Prompt Injection Weaponizes Websites

A new threat dubbed “HashJack” could enable attackers to booby trap websites when they interact with AI browsers ...

Second-order prompt injection can turn AI into a malicious insider

The task is automatically passed to a higher-privileged “Data Retrieval Agent”, which interprets the request as legitimate ...