Post · bonfire.cafe

MadeInDex 📰🌎

@madeindex@mastodon.social · 6 hours ago

🤖 AI browsers are NOT safe!

There is a thing called "prompt injection" and it works.¹

Funnily the thing that most see as a major issue with AI, the
crawling of the #web and one-way use of it's content, is exactly what makes their AI browsers unsafe.

If you place malicious #code in that very content, the AI scans it & then runs it² on your OS 🤯

This issue has been known to the #tech corps for years³, but they released their #AI browsers nonetheless 🤑

1/2

#tech #it #news #internet #browser

MadeInDex 📰🌎

@madeindex@mastodon.social replied · 6 hours ago

2/2

Sources:
¹ https://brave.com/blog/unseeable-prompt-injections/

² https://techcrunch.com/2025/10/25/the-glaring-security-risks-with-ai-browser-agents/

³ https://techcrunch.com/2023/02/24/can-language-models-really-be-protected-from-text-based-attacks/

Can AI really be protected from text-based attacks? | TechCrunch

Language models like ChatGPT and Sydney, which powers Bing Chat, are vulnerable to malicious prompt engineering. Mitigating them will be hard.

The glaring security risks with AI browser agents | TechCrunch

New AI browsers from OpenAI and Perplexity promise to increase user productivity, but they also come with increased security risks.

Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers | Brave

AI browsers remain vulnerable to prompt injection attacks via screenshots and hidden content, allowing attackers to exploit users' authenticated sessions.

Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.21 no JS en

Automatic federation enabled