Head Topics

Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas

Computing News

Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas
Agent ModeAgent SecurityAI Browsers
  • 📰 DigitalTrends
  • ⏱ Reading Time:
  • 112 sec. here
  • 12 min. at publisher
  • 📊 Quality Score:
  • News: 79%
  • Publisher: 65%

Tech Product Reviews, How To, Best Ofs, deals and Advice

OpenAI has shipped a security update to ChatGPT Atlas aimed at prompt injection in AI browsers, attacks that hide malicious instructions inside everyday content an agent might read while it works. Atlas’s agent mode is built to act in your browser the way you would: it can view pages, click, and type to complete tasks in the same space and context you use.

That also makes it a higher-value target, because the agent can encounter untrusted text across email, shared documents, forums, social posts, and any webpage it opens. Recommended Videos The company’s core warning is simple. Hackers can trick the agent’s decision-making by smuggling instructions into the stream of information it processes mid-task. A hidden instruction, big consequences OpenAI’s post highlights how quickly things can go sideways. An attacker seeds an inbox with a malicious email that contains instructions written for the agent, not the human. Later, when the user asks Atlas to draft an out-of-office reply, the agent runs into that email during normal work and treats the injected instructions as authoritative. In the demo scenario, the agent sends a resignation letter to the user’s CEO, and the out-of-office never gets written. If an agent is scanning third-party content as part of a legitimate workflow, an attacker can try to override the user’s request by hiding commands in what looks like ordinary text. An AI attacker gets practice runs To find these failures earlier, OpenAI says it built an automated attacker model and trained it end-to-end with reinforcement learning to hunt for prompt-injection exploits against a browser agent. The goal is to pressure-test long, realistic workflows, not just force a single bad output. The attacker can draft a candidate injection, run a simulated rollout of how the target agent would behave, then iterate using the returned reasoning and action trace as feedback. OpenAI says privileged access to those traces gives its internal red team an advantage external attackers don’t have. What to do with this now OpenAI frames prompt injection as a long-term security problem, more like online scams than a bug you patch once. Its approach is to discover new attack patterns, train against them, and tighten system-level safeguards. For users, you should use logged-out browsing when you can, scrutinize confirmations for actions like sending email, and give agents narrow, explicit instructions instead of broad “handle everything” prompts. If you’re still curious what AI browsing can do, then go with browsers that ship updates that benefit you.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

DigitalTrends /  🏆 95. in US

Agent Mode Agent Security AI Browsers Browser Agents Chatgpt Chatgpt Atlas Openai Prompt Injection Reinforcement Learning

 

United States Latest News, United States Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

4 Of The Best Android Tablets According To Consumer Reports4 Of The Best Android Tablets According To Consumer ReportsAs a tech enthusiast, Alvin started a personal tech blog in 2018 and began his professional writing career a year later, in 2019, when he worked as a contributor for Kenyan-based TechTrendsKE and Tech Arena, writing news, features, how-to guides, and reviews in the consumer tech space.
Read more »

Panasonic TVs: Here's Who Makes Them And Where They're ManufacturedPanasonic TVs: Here's Who Makes Them And Where They're ManufacturedAs a tech enthusiast, Alvin started a personal tech blog in 2018 and began his professional writing career a year later, in 2019, when he worked as a contributor for Kenyan-based TechTrendsKE and Tech Arena, writing news, features, how-to guides, and reviews in the consumer tech space.
Read more »

DoorDash brings grocery ordering to ChatGPTDoorDash brings grocery ordering to ChatGPTDoorDash announced it is launching a new grocery shopping app within OpenAI’s ChatGPT.
Read more »

OpenAI’s Child Exploitation Reports Increased Sharply This YearOpenAI’s Child Exploitation Reports Increased Sharply This YearThe company made 80 times as many reports to the National Center for Missing & Exploited Children during the first six months of 2025 as it did in the same period a year prior.
Read more »

How Disney’s OpenAI Deal Changes EverythingHow Disney’s OpenAI Deal Changes EverythingAfter a wild few weeks, two Hollywood Reporter editors dissect the tech-entertainment deal of the century.
Read more »

OpenAI’s ChatGPT ‘Wrapped’ Is a Good Reminder to Check Your Privacy SettingsOpenAI’s ChatGPT ‘Wrapped’ Is a Good Reminder to Check Your Privacy SettingsA chatbot never forgets (unless you opt out of memories).
Read more »



Render Time: 2026-04-01 03:08:40