Cybersecurity researchers at Permiso Security have identified a vulnerability dubbed 'ChatGPhish' in OpenAI's ChatGPT that exploits the platform's trust in Markdown links and images. The flaw enables attackers to execute prompt injection attacks and conduct phishing campaigns by manipulating how ChatGPT's web interface renders Markdown content. This vulnerability highlights emerging security risks
Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. "The chatgpt.com response renderer trusts Markdown links and Markdown
Originally published at thehackernews.com
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
