Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant’s implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. “The chatgpt.com response renderer trusts Markdown links and Markdown
Tag: leverages
Global Security News
New FROST attack exploits browser features for website and app tracking
The FROST attack leverages the Origin Private File System (OPFS), a browser feature, to measure Solid-State Drive (SSD) access speeds.
Global Security News
‘Claude Code install’ search result leads to ClickFix infostealer attack
The attack leverages a polyglot file, heavy obfuscation and fileless execution to evade detection.
AI, Exploits, Global Security News
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.
AI, Global Security News, malware
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. “The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,”…