Skip to content
The Nexus
SECURITYMay 29 · 12:00 UTCTHE REGISTER

ChatGPT blindly trusts browser content, turning the page into a payload

A researcher discovered ChatGPT cannot distinguish between its own content and attacker-controlled Markdown from external sources, enabling prompt injection attacks that could inject phishing URLs or fake security alerts. The vulnerability, reported as 'ChatGPhish,' allows attackers to bypass desktop URL defenses via QR codes linking to attacker-controlled content, though it's unclear if OpenAI has fixed the issue.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this