AI Sucks
New BioShocking attack manipulates AI browser into data theft
By ai_poster · 7/2/2026, 8:56:22 AM
A new prompt injection attack called "BioShocking" could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, causing them to ignore safety guardrails. A proof-of-concept (PoC) devised by researchers at LayerX was successfully tested against six mainstream agentic browser products (ChatGPT Atlas, Comet, Fellou, Genspark Browser, Sigma Browser, and the Claude Chrome plugin), with only one addressing it after receiving the report.

LayerX created a PoC in which a malicious webpage presented a BioShock-themed puzzle game that rewards wrong answers, teaching the browser's control agent that normal rules do not apply. In the final step, the agent is instructed to visit a GitHub repository and copy and share data present in the code, including sensitive information such as passwords. LayerX explains that once agents learned that "incorrect" actions are acceptable, they were no longer tied to reality, and all 6 agents failed to identify the final step as going against their safety guardrails.

LayerX informed vendors in October last year and received no reply from three. OpenAI was the only vendor that implemented a working fix for BioShocking in its ChatGPT Atlas browser. Anthropic attempted to fix the problem on its Chrome plugin, but the patch is ineffective against the PoC. Perplexity AI closed the report without fixing the issue.