ChatGPT blindly trusts browser content, turning the page into a payload
A researcher has discovered a security flaw in ChatGPT that allows attackers to inject malicious content through prompt injection. This vulnerability could enable phishing attacks by embedding harmful URLs in responses generated by the chatbot. OpenAI has not confirmed whether the issue has been addressed, leaving users at risk when using the service.
- ▪ChatGPT is vulnerable to prompt injection, allowing attackers to manipulate its responses.
- ▪The flaw could be exploited to inject phishing URLs or fake security alerts into ChatGPT outputs.
- ▪The researcher reported the issue to OpenAI but has not received confirmation on whether it has been fixed.
Opening excerpt (first ~120 words) tap to expand
(function() { let windowUrl = window.location.href; windowUrl = windowUrl.substring(windowUrl.indexOf('?') + 1); let messageElement = document.querySelector('.shareableMessage'); if (windowUrl && windowUrl.includes('code') && windowUrl.includes('expires')) { messageElement.style.display = 'block'; } })(); Security ChatGPT blindly trusts browser content, turning the page into a payload You and me go ChatGPhish-ing in the dark Jessica Lyons Jessica Lyons Published fri 29 May 2026 // 13:00 UTC EXCLUSIVE ChatGPT can’t tell its own generated content from attacker-controlled Markdown pulled from external sources, according to a researcher who found the prompt injection technique and reported it to OpenAI.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Register.
Discussion
0 commentsMore from The Register
