LayerX
Coverage of LayerX in the Nexus archive.
- New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
A new attack called BioShocking, developed by security firm LayerX, tricks AI browsers and assistants into leaking user credentials by convincing them they are playing a game. The technique affected six AI systems, including OpenAI's ChatGPT Atlas, Perplexity's Comet, and Anthropic's Claude browser extension, allowing attackers to obtain login details.
- Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
Akamai announced its acquisition of LayerX, joining other vendors in the growing trend of adding secure enterprise browsers to their product portfolios. This strategic move reflects increasing market demand for enhanced security solutions in enterprise environments.
- Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
A flaw in the Chrome extension for Anthropic's Claude AI model allows any other plugin to hijack victims' AI, potentially leading to unauthorized actions such as extracting files from Google Drive and sending emails on behalf of a user. The vulnerability was discovered by LayerX, a browser security firm. Researchers reported the flaw to Anthropic, but claim that only a partial fix was issued.
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
A new report from LayerX reveals that AI browser extensions are a significant, overlooked security threat, highlighting a critical blind spot in AI security discussions that focus on 'shadow' AI and GenAI consumption.