🟠 High  |  Source: The Hacker News


Security firm LayerX has demonstrated a technique called ‘BioShocking’ that manipulates AI-powered browsers and assistants into handing over a user’s login credentials by convincing them they are participating in a game scenario. Six AI browsers were successfully exploited, including ChatGPT Atlas, Perplexity’s Comet, and Anthropic’s Claude browser extension. The attack highlights a fundamental risk in AI agents that have access to sensitive browser data and can be socially engineered through prompt manipulation.

Security Architect’s Take: Audit and restrict which AI browser extensions and agents have access to credential stores or form autofill data within your organisation’s managed devices; consider blocking unapproved AI browser extensions via endpoint policy until vendors issue mitigations against prompt-based social engineering attacks.
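One way to run the audit recommended above, as an added example that is not from LayerX or the original advisory: it flags unapproved extensions whose manifests grant page or form access and builds a Chrome `ExtensionSettings` block entry for each. The extension IDs and inventory are constructed placeholders, and the choice of which permissions count as risky is an assumption.

```python
import json

# Assumption: access treated as risky for an agent that can read pages and forms.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
SENSITIVE_PERMS = {"scripting", "tabs", "debugger", "cookies", "webRequest"}

def risk_reasons(manifest):
    """Return the reasons a manifest can reach page or form content."""
    perms = set(manifest.get("permissions", []))
    # MV3 lists hosts under host_permissions; MV2 mixes them into permissions.
    hosts = set(manifest.get("host_permissions", [])) | perms
    for script in manifest.get("content_scripts", []):
        hosts |= set(script.get("matches", []))
    reasons = sorted(perms & SENSITIVE_PERMS)
    if hosts & BROAD_HOSTS:
        reasons.append("broad-host-access")
    return reasons

def audit(installed, approved_ids):
    """Map each unapproved extension ID with risky access to its reasons."""
    findings = {}
    for ext_id, manifest in installed.items():
        reasons = risk_reasons(manifest)
        if ext_id not in approved_ids and reasons:
            findings[ext_id] = reasons
    return findings

def block_policy(findings):
    """Build a Chrome ExtensionSettings policy blocking the flagged IDs."""
    blocked = {"installation_mode": "blocked"}
    return {"ExtensionSettings": {i: dict(blocked) for i in sorted(findings)}}

# Constructed sample inventory; IDs are placeholders, not real extensions.
INSTALLED = {
    "placeholder-ai-assistant": {"manifest_version": 3,
                                 "permissions": ["scripting", "storage"],
                                 "host_permissions": ["<all_urls>"]},
    "placeholder-approved-agent": {"manifest_version": 2,
                                   "permissions": ["tabs", "<all_urls>"]},
    "placeholder-notes": {"manifest_version": 3, "permissions": ["storage"]},
}
APPROVED = {"placeholder-approved-agent"}  # constructed allowlist

if __name__ == "__main__":
    print(json.dumps(block_policy(audit(INSTALLED, APPROVED)), indent=2))
```

In a real deployment the inventory would come from the `manifest.json` files under each managed browser profile, and the resulting policy would be pushed through the organisation's endpoint management tooling.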

Original advisory: New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials