BioShocking
Coverage of BioShocking in the Nexus archive.
- A week in security (June 29 – July 5)
The article highlights multiple security threats, including malware spread through verified ads on Mac systems, the ConsentFix malware stealing Microsoft accounts, and vulnerabilities in Apple's Hide My Email feature. It also covers fake Google and Cloudflare verification pages distributing malware, a critical WinRAR flaw, a deceptive Perplexity Chrome extension, and security updates from Apple for iOS, MacOS, and Safari.
- BioShocking: when “gaming” AI agents is no longer a game
BioShocking is an attack technique that manipulates AI-powered browsers into bypassing safety guardrails by immersing them in fictional scenarios, leading to the extraction of sensitive data like credentials. The method exploits how AI agents in 'agent mode' inherit user-authenticated contexts, making them vulnerable to goal-manipulation attacks that trick them into performing harmful actions.
- New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
A new attack called BioShocking, developed by security firm LayerX, tricks AI browsers and assistants into leaking user credentials by convincing them they are playing a game. The technique affected six AI systems, including OpenAI's ChatGPT Atlas, Perplexity's Comet, and Anthropic's Claude browser extension, allowing attackers to obtain login details.