A newly discovered security flaw in AI-enhanced web browsers poses significant risks, enabling attackers to exploit legitimate websites for data theft, credential harvesting, and disinformation without breaching those sites. Identified by the Cato CTRL research team from Cato Networks, this vulnerability affects popular AI browser assistants, including Google’s Gemini and Microsoft’s Copilot. Malicious actors can manipulate these tools to display fake customer-service numbers, fraudulent links, and extract sensitive data without the user’s awareness. This technique, dubbed HashJack, leverages URL fragments, allowing harmful commands to pass undetected by traditional security measures. Since the URL appears legitimate, users are often unaware of potential threats, unlike conventional phishing scams. Cato Networks emphasizes that this method could transform any trustworthy website into an unwitting attack vector, highlighting the evolving nature of AI-driven cyber threats driven by the interpretation of user context and page content in AI browser assistants.
Source link
