Password-Stealing AI HashJack Threat To Web Browsers Confirmed

Password-Stealing AI HashJack Threat To Web Browsers Confirmed

Security researchers have confirmed a new AI browser-based attack called HashJack that can steal your passwords and data.

AI Browser Security Flaw Discovered by Israeli Researchers

Israeli cybersecurity researchers discovered a critical vulnerability in popular AI-powered browsers that transforms any legitimate website into a potential hacking tool without requiring attackers to breach the sites themselves. The vulnerability was discovered by the Cato CTRL research group of cybersecurity company Cato Networks and originates in common AI tools, including Google's Gemini, Microsoft's Copilot, and Perplexity's Comet. The Gemi…

HashJack attack shows AI browsers can be fooled with '#'

: Hashtag-do-whatever-I-tell-you

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

Researchers are warning AI browser users about a new exploit called HashJack that can infect devices and steal data.

New "HashJack" attack can hijack AI browsers and assistants

Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or disinformation (e.g., incorrect medicine dosage guidance or investment advice), send sensitive data to the attacker, or push users to perform risky actions. They call the technique HashJack, because it relies on malicious instructions being hidden in the #fragment of a URL t…