Security Holes Found in OpenAI’s ChatGPT Atlas Browser (and Perplexity’s Comet)

The address bar/ChatGPT input window in OpenAI’s browser ChatGPT Atlas “could be targeted for prompt injection using malicious instructions disguised as links,” reports SC World, citing a report from AI/agent security platform NeuralTrust:

NeuralTrust found that a malformed URL could be crafted to include a prompt that is treated as plain text by the browser, passing the prompt on to the LLM. A malformation, such as an extra space after the first slash following “https:” prevents the…