ChatGPT Atlas is vulnerable to prompt injections and can help with phishing


I already wrote about how OpenAI released the ChatGPT Atlas browser, and the first users have already found a whole bouquet of problems. Let’s start with the basics. The browser has no built-in ad blocker, no reading mode and no function for translating the text of a page. To get a summary of an article or to translate it, you have to ask the bot in chat.

Unfortunately, the agent in Atlas is vulnerable to prompt injections: hidden malicious commands for the neural network that attackers place in documents as light-colored text. One white-hat hacker demonstrated such an attack by adding a hidden “copy to clipboard” function to a button on a site. When the AI assistant clicks the button, a malicious link is saved to the clipboard. The user presses Ctrl + V in the chat, and the agent obediently opens a fake PayPal or Gmail page that asks them to enter personal data. Simply put, the AI becomes an accomplice to phishing.
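The core of the trick above is text a human cannot see but an agent reading the DOM will. As an added defender-side illustration (not code from the post or from OpenAI), here is a check an agent or browser extension could run over a page's text nodes before acting on them; the elements are constructed plain objects standing in for `getComputedStyle()` results so the snippet runs offline in Node.

```javascript
// Added example: flag page text that is effectively invisible to a human
// (low contrast, transparent, tiny or off-screen), the usual hiding place
// for prompt-injection instructions aimed at a browsing agent.

function parseRgb(s) {
  const m = /rgba?\((\d+),\s*(\d+),\s*(\d+)(?:,\s*([\d.]+))?\)/.exec(s);
  if (!m) throw new Error(`unsupported colour: ${s}`);
  return { r: +m[1], g: +m[2], b: +m[3], a: m[4] === undefined ? 1 : +m[4] };
}

// Relative luminance as defined by WCAG 2.x.
function luminance({ r, g, b }) {
  const lin = (c) => {
    const v = c / 255;
    return v <= 0.03928 ? v / 12.92 : ((v + 0.055) / 1.055) ** 2.4;
  };
  return 0.2126 * lin(r) + 0.7152 * lin(g) + 0.0722 * lin(b);
}

// WCAG contrast ratio, 1 (identical) to 21 (black on white).
function contrastRatio(fg, bg) {
  const [hi, lo] = [luminance(fg), luminance(bg)].sort((a, b) => b - a);
  return (hi + 0.05) / (lo + 0.05);
}

// Reasons why a human would not see this element's text. Thresholds are
// assumptions chosen for illustration, not a standard.
function hiddenReasons(el) {
  const reasons = [];
  const fg = parseRgb(el.color), bg = parseRgb(el.backgroundColor);
  if (contrastRatio(fg, bg) < 1.5) reasons.push("low-contrast");
  if (fg.a * (el.opacity ?? 1) < 0.1) reasons.push("transparent");
  if ((el.fontSize ?? 16) < 2) reasons.push("tiny-font");
  if (el.offscreen) reasons.push("offscreen");
  return reasons;
}

// Returns every non-empty text element that a human would not see.
function findHiddenText(elements) {
  return elements
    .filter((el) => el.text.trim().length > 0)
    .map((el) => ({ text: el.text, reasons: hiddenReasons(el) }))
    .filter((r) => r.reasons.length > 0);
}

// Constructed DOM snapshot: one visible paragraph and two hidden spans.
const SAMPLE_ELEMENTS = [
  { text: "Welcome to our store", color: "rgb(0, 0, 0)", backgroundColor: "rgb(255, 255, 255)" },
  { text: "(near-white instruction text aimed at the agent)", color: "rgb(254, 254, 254)", backgroundColor: "rgb(255, 255, 255)" },
  { text: "(transparent 1px instruction text)", color: "rgba(0, 0, 0, 0)", backgroundColor: "rgb(255, 255, 255)", fontSize: 1 },
];
```

Anything `findHiddenText` returns should be stripped from, or at least flagged in, the content the agent is allowed to treat as instructions.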

Now about censorship and restrictions. ChatGPT cannot analyze every article: The New York Times, for example, blocks the use of Atlas. The assistant also doesn’t produce a summary for every video because of overly cautious moderation.

Also, in AI agent mode Atlas can lag, get confused and ask for human help, especially when pop-ups appear on the site. A paradox emerges: a technologically advanced tool with serious vulnerabilities, without the basic functions of a regular browser, and with excessive censorship. OpenAI has released a product that impresses with its concept and disappoints with its execution.
