Skip to content
The Nexus
DossierENTITY

Permiso

Coverage of Permiso in the Nexus archive.

Earliest in view: May 29 · 12:00 UTCMost recent: May 29 · 12:00 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 29 · 12:00 UTCTHE REGISTER
    ChatGPT blindly trusts browser content, turning the page into a payload

    A researcher discovered ChatGPT cannot distinguish between its own content and attacker-controlled Markdown from external sources, enabling prompt injection attacks that could inject phishing URLs or fake security alerts. The vulnerability, reported as 'ChatGPhish,' allows attackers to bypass desktop URL defenses via QR codes linking to attacker-controlled content, though it's unclear if OpenAI has fixed the issue.

Permiso · Dossier · The Nexus