ChatGPT Atlas sparks security concerns as experts warn AI web browsers could expose users to data theft through prompt injection attacks.
OpenAI’s ChatGPT Atlas, a new AI-powered web browser, promises smarter, faster browsing. It can remember searches, suggest actions, and complete tasks for users. But cybersecurity experts are warning about potential privacy and security risks in AI-driven browsing.
Unveiled on October 21, ChatGPT Atlas integrates directly with ChatGPT. Users can open a sidebar to ask questions about webpages or deploy an AI agent to handle tasks like booking appointments or planning events.
Less than a day after its launch, experts raised concerns about prompt injection attacks — a new vulnerability unique to AI-powered browsers.
AI browsers access more user data than traditional ones. They remember searches, past actions, and often require access to logged-in sessions. This personalization improves convenience but could expose sensitive information.
Experts warn that AI agents can be tricked into leaking private data. Similar vulnerabilities were spotted earlier in Perplexity’s Comet browser.
Security researchers at Brave explained that attackers can hide malicious instructions in webpage content. This could include:
Hackers embed invisible instructions using white text, HTML comments, or hidden elements. These can appear in Reddit posts or Facebook comments.
When a user asks the AI to summarise, the agent crawls the entire content.
The agent cannot distinguish between legitimate content and hidden commands, executing both.
The AI may visit banking websites, steal stored passwords, or capture 2FA codes.
“The root problem is that AI browser agents do not distinguish between the content it should summarise and the instructions it should not follow,” researchers noted.
Both ChatGPT Atlas and Perplexity Comet admitted potential vulnerability. Brave discovered the flaw in Comet. No real-world attacks have been reported yet. Perplexity has made fixes to separate user instructions from webpage content.
AI browsers mark a shift in how people explore the web. Instead of typing queries, users now rely on AI agents to summarise and act on information.
While convenient, this introduces new security challenges. As AI browsers evolve, transparency, privacy, and safeguards will be crucial to protect users.
AI is redefining browsing — but innovation must never compromise security and privacy.
