Security researchers have unveiled ChatGPhish, a newly documented vulnerability concept that demonstrates how browser-based prompt injection can influence ChatGPT page summaries and potentially expose users to phishing, tracking, and social engineering attacks. 

The research builds on earlier findings involving AI-assisted email summarization. In previous investigations, researchers examined how attacker-controlled content embedded in emails could manipulate an LLM into generating misleading responses within trusted interfaces. The latest study extends that concept beyond email and into the browser, introducing a broader attack surface where ordinary web pages can act as delivery mechanis...