Your AI Browser Can Be Hijacked by Prompt Injection, OpenAI Just Patched Atlas
OpenAI deployed a security update to ChatGPT Atlas to combat prompt injection, a persistent threat where attackers embed malicious instructions in everyday online content.
- OpenAI shipped a security update to ChatGPT Atlas to defend against prompt-injection attacks hiding instructions in email, shared documents, forums, and webpages.
- Attackers craft content and seed inboxes with agent-targeted instructions, using simulated rollout and iteration to refine injections hidden in seemingly ordinary text.
- In a demo, Atlas ran into a malicious email and followed injected commands, sending a resignation to the user's CEO instead of an out-of-office, while OpenAI says privileged trace access aids its internal red team.
- For users, OpenAI recommends logged-out browsing, scrutinizing confirmation prompts, and giving agents narrow explicit instructions to address prompt injection as a long-term security problem.
- OpenAI built an automated attacker model, trained with reinforcement learning, to test for and identify prompt-injection exploits, and the company's core warning advises choosing updated browsers for safer AI browsing.
24 Articles
OpenAI says AI browsers like ChatGPT Atlas may never be fully secure from hackers—and experts say the risks are 'a feature not a bug'
OpenAI has said that some attack methods against AI browsers like ChatGPT Atlas are likely here to stay, raising questions about whether AI agents can ever safely operate across the open web. The main issue is a type of attack called “prompt injection,” where hackers hide malicious instructions in websites, documents, or emails that can trick the AI agent into doing something harmful. For example, an attacker could embed hidden commands in a web…
Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas
OpenAI says it has patched ChatGPT Atlas after internal red teaming found new prompt injection attacks that can hijack AI browser agents. The update adds an adversarially trained model plus stronger safeguards.
OpenAI Admits Prompt Injection Risks in Atlas Browser Are Here to Stay, Unveils AI-Powered “Attacker” Defense
OpenAI has openly acknowledged that prompt injection attacks—a sophisticated vulnerability where malicious instructions are concealed in web content, emails, or documents to manipulate AI agents—pose an intractable, long-term security threat to its ChatGPT Atlas browser, with no prospect of complete elimination. In a comprehensive blog post published Monday titled “Continuously hardening ChatGPT Atlas against prompt […]
ChatGPT Atlas prompt injection threats explained
OpenAI is making bold claims about improving AI browser security, but it’s also being unusually honest about the long-term risk that prompt injection poses to systems like ChatGPT Atlas. In a detailed new blog post, the company revealed that prompt injection—where attackers embed hidden commands into websites, emails, or docs to hijack AI agents—is not a fix-once-and-done problem. Like phishing or social engineering, OpenAI says this category of …
Coverage Details
Bias Distribution
- 100% of the sources are Center