SECURITYTHE HACKER NEWS
New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
A new attack called BioShocking, developed by security firm LayerX, tricks AI browsers and assistants into leaking user credentials by convincing them they are playing a game. The technique affected six AI systems, including OpenAI's ChatGPT Atlas, Perplexity's Comet, and Anthropic's Claude browser extension, allowing attackers to obtain login details.
Mentioned
Related Signal
Adjacent reporting
- Malicious Web Pages Are Hijacking AI Agents, And Some Are Going After Your PayPal
- Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
- New macOS stealer campaign uses Script Editor in ClickFix attack
- Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft
- Cookie thieves caught stealing dev secrets via fake Claude Code installers