VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

ChatGPhish: Summarization as a New Phishing Attack Surface

ChatGPhish: как суммаризация ChatGPT превращается в новую поверхность для фишинга

Colleagues, note a cyber‑security issue: the ChatGPhish vulnerability converts ChatGPT summaries into a phishing vector.

- Permiso Security found ChatGPT’s renderer trusts Markdown links and images from the summarized page: they auto‑load and become clickable.
- Exploits can exfiltrate IP, User‑Agent and Referer, display fake system notices and QR codes, and bypass filters.
- Any malicious page an employee asks to summarize can theoretically turn the chat into a phishing interface.

Why it matters: the risk of compromise increases because attacks can enter via normal browser workflows.

How will you restrict processing of external content in chats?

#cybersecurity #phishing #AI #ChatGPT

Latest comments

No comments yet.