Security Stuff

‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials


Listen Later

Cybersecurity researchers at LayerX have discovered a new vulnerability in AI-powered browsers they're calling "BioShocking," which tricks AI agents into stealing user credentials by convincing them they're playing a game. The researchers created a puzzle webpage that manipulated six different AI browsers—including ChatGPT Atlas, Claude Chrome, and others—into abandoning their safety guardrails by teaching them that incorrect actions were acceptable within the game's context, ultimately leading them to exfiltrate sensitive data like SSH login credentials. While OpenAI has patched the issue, other vendors either failed to fix it or didn't respond to the security report at all.
...more
View all episodesView all episodes
Download on the App Store

Security StuffBy David