Friday, August 1, 2025

ChatGPT, Gemini, and GenAI Tools at Risk of Man-in-the-Prompt Attacks

A critical vulnerability, known as “Man-in-the-Prompt,” has emerged, affecting popular generative AI tools such as ChatGPT and Google Gemini. Because these tools run as ordinary web pages, a malicious browser extension with access to the page's Document Object Model (DOM) can read and rewrite the prompt field: it can inject prompts, steal sensitive data from the conversation, and manipulate responses, all without requesting any special permissions. The exposure is enormous given ChatGPT’s 5 billion monthly visits and Gemini’s 400 million users. Current security measures, including cloud access security brokers (CASBs) and data loss prevention (DLP) solutions, fail to detect these attacks because they have little visibility into DOM interactions inside the browser. Notably, 99% of enterprises are vulnerable, since many users have multiple browser extensions installed. Proof-of-concept attacks demonstrate how a compromised extension can exfiltrate confidential data from AI tools. To mitigate these risks, organizations need to move beyond traditional application controls by performing behavioral risk assessments of extensions and monitoring DOM interactions. This shift is essential to protect intellectual property and maintain trust in AI tools amid growing security concerns.
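As an added illustration (not code from the article or from any vendor it cites), the following Python script performs the kind of extension risk assessment the summary calls for: it reads a browser extension's manifest.json and reports which GenAI web apps its content scripts are allowed to run inside, even when the manifest declares no permissions at all. The GenAI host list and the sample manifest are constructed for this example.

```python
import json
import re
from urllib.parse import urlparse

# Hostnames of the GenAI web apps to check (constructed list; extend as needed).
GENAI_HOSTS = {"chatgpt.com", "chat.openai.com", "gemini.google.com"}


def pattern_covers(pattern: str, url: str) -> bool:
    """True if an extension match pattern (e.g. "https://*.google.com/*")
    lets a content script run on the given URL."""
    if pattern == "<all_urls>":
        return True
    m = re.fullmatch(r"(\*|https?|file|ftp)://([^/]*)(/.*)", pattern)
    if not m:
        return False  # malformed pattern: treat as granting nothing
    scheme, host, path = m.groups()
    u = urlparse(url)
    if scheme == "*" and u.scheme not in ("http", "https"):
        return False
    if scheme != "*" and scheme != u.scheme:
        return False
    if host != "*":
        if host.startswith("*."):  # wildcard subdomain, e.g. *.google.com
            suffix = host[2:]
            if u.hostname != suffix and not u.hostname.endswith("." + suffix):
                return False
        elif u.hostname != host:
            return False
    path_re = re.escape(path).replace(r"\*", ".*")  # only "*" is a wildcard
    return re.fullmatch(path_re, u.path or "/") is not None


def assess_manifest(manifest: dict) -> dict:
    """Report which GenAI hosts the manifest's content scripts can reach.
    Content scripts need no permission prompt, so this is the DOM exposure
    a permissions review alone would miss."""
    exposed = {}
    for cs in manifest.get("content_scripts", []):
        for host in sorted(GENAI_HOSTS):
            if any(pattern_covers(p, f"https://{host}/") for p in cs.get("matches", [])):
                exposed.setdefault(host, set()).update(cs.get("js", []))
    return {
        "name": manifest.get("name"),
        "declared_permissions": manifest.get("permissions", []),
        "exposed_hosts": {h: sorted(js) for h, js in exposed.items()},
    }


# Constructed sample: no permissions requested, yet scripts run on two GenAI apps.
SAMPLE_MANIFEST = json.loads("""{
  "manifest_version": 3, "name": "Example Productivity Helper", "permissions": [],
  "content_scripts": [{"matches": ["https://*.google.com/*", "https://chatgpt.com/*"],
                       "js": ["helper.js"], "run_at": "document_idle"}]
}""")
```

Run `assess_manifest(SAMPLE_MANIFEST)` to see that the extension reaches chatgpt.com and gemini.google.com while its permission list stays empty; pointing it at the manifests under a real browser profile turns this into an inventory check.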
