    New BioShocking attack manipulates AI browser into data theft

    By admin, June 30, 2026

    A new prompt injection attack dubbed “BioShocking” could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, causing them to ignore any safety guardrails.

    A proof-of-concept (PoC) for the attack, devised by researchers at LayerX, was successfully tested against six mainstream agentic browser products (ChatGPT Atlas, Comet, Fellou, Genspark Browser, Sigma Browser, and the Claude Chrome plugin), with only one addressing it after receiving the report.

    How BioShocking works

    LayerX created a proof-of-concept in which a malicious webpage presented a BioShock-themed puzzle game that rewards wrong answers. This teaches the browser’s control agent that normal rules do not apply.

    In the final step for winning the game, the agent is instructed to visit a GitHub repository and copy and share data present in the code, including sensitive information such as passwords.

    The main problem LayerX discovered in this exercise is that AI agents fail to distinguish between real-world sensitive operations and a given scenario.

    [Figure: AI agent’s reasoning overview. Source: LayerX]

    “Once the agents figured out the rules and learned that ‘incorrect’ actions are acceptable, they were no longer tied to reality,” explains LayerX.

    “When tasked with the final step of the puzzle – compromising user credentials – all 6 agents failed to identify it as going against their safety guardrails.”

    LayerX’s PoC did not actually perform any malicious actions, but the researchers underline that it could do so without changing the outcome of the exercise.

    AI vendors’ response

    LayerX informed vendors of its findings in October last year and received no reply from three of them.

    The researchers say that OpenAI was the only vendor that has implemented a working fix for BioShocking in its ChatGPT Atlas browser.

    Anthropic attempted to fix the problem on its Chrome plugin, but the patch is ineffective against the PoC, LayerX says.

    Perplexity AI closed the report without fixing the issue, the researchers note in the report.

    LayerX recommends that vendors add explicit user confirmation for sensitive actions, stronger context checks, and scope limits for agentic sessions.

    For their part, users should use the available options on their platform of choice to restrict AI browser access to sensitive services.
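
    One way to express LayerX's three vendor recommendations (scope limits, context checks, explicit confirmation) as an agent-side gate. This is an added example, not LayerX's or any vendor's code; the action names, the Session fields and the URLs in the trace are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Assumed action vocabulary for a hypothetical agent; not any vendor's API.
SENSITIVE = {"submit_form", "post_message", "fill_field"}

@dataclass
class Session:
    scope: frozenset                             # hosts the user put in scope
    read_from: set = field(default_factory=set)  # hosts whose content was read

def _host(url: str) -> str:
    return (urlsplit(url).hostname or "").lower()

def decide(session: Session, kind: str, url: str, user_confirmed: bool = False):
    """Return (verdict, reason) for one proposed action.

    Only the action and session state are consulted. Whatever the page says
    about the action (for example, that it is a game move) never reaches
    this function, so page framing cannot change the verdict.
    """
    target = _host(url)
    # Scope limit: the session may only touch hosts the user listed.
    if target not in session.scope:
        return "deny", f"{target or 'unknown host'} is outside session scope"
    if kind == "read":
        session.read_from.add(target)
        return "allow", "in-scope read"
    if kind in SENSITIVE:
        # Context check: could data read on another host leave to this one?
        foreign = sorted(session.read_from - {target})
        if not user_confirmed:
            why = ("may carry data read from " + ", ".join(foreign)
                   if foreign else "sensitive action")
            return "confirm", why
        return "allow", "user confirmed"
    return "allow", "non-sensitive in-scope action"

def replay(session: Session, actions):
    """Run constructed (kind, url) pairs through the gate; return verdicts."""
    return [decide(session, kind, url)[0] for kind, url in actions]

# Constructed trace shaped like the PoC flow: game page, repo read, share back.
TRACE = [
    ("read", "https://game.example/puzzle"),
    ("read", "https://github.com/example-org/example-repo"),
    ("submit_form", "https://game.example/answer"),
]
```

    With only the game host in scope, the repository read is denied outright; with both hosts in scope, the final submit is held for user confirmation and the reason names the host the data came from.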

