SECURITYTHE HACKER NEWS
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Cybersecurity researchers have identified a vulnerability in OpenAI's ChatGPT that exploits the AI's trust in Markdown links and images to execute phishing attacks through prompt injections. The flaw, named ChatGPhish by Permiso Security, allows attackers to manipulate ChatGPT's web summaries into phishing surfaces.
Related Signal
Adjacent reporting
- ChatGPT blindly trusts browser content, turning the page into a payload
- Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
- Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
- Robinhood account creation flaw abused to send phishing emails
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
- Drupal: Critical SQL injection flaw now targeted in attacks