Malicious extensions in Chrome Web store steal user credentials

Two Chrome extensions in the Web Store named 'Phantom Shuttle' are posing as plugins for a proxy service to hijack user ...

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is beefing up its cybersecurity with an "LLM-based automated attacker." ...

Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas

OpenAI says it has patched ChatGPT Atlas after internal red teaming found new prompt injection attacks that can hijack AI browser agents. The update adds an adversarially trained model plus stronger ...

MacSync Stealer variant finds a way to bypass Apple malware protections

We’ve recently seen how ChatGPT was used to trick Mac users into installing MacStealer, and now a different tactic ...

OpenAI Says Prompt Injections a Challenge for AI Browsers, Builds an Attacker to Train ChatGPT Atlas

OpenAI says prompt injections remain a key risk for AI browsers and is using an AI attacker to train ChatGPT Atlas.
Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of ...