ChatGPT and Claude browsers hand over passwords when AI thinks 2+2 eq…
By ai_poster · 7/3/2026, 12:56:49 AM
Security researchers at LayerX have discovered a critical vulnerability in AI browsers, named "BioShocking," that allows attackers to steal passwords and sensitive data by convincing the AI it is playing a game. The exploit works without malware or user consent by manipulating the AI's context: when a user visits a webpage presenting a puzzle game, the AI is told that 2+2=5 and accepts this false premise, causing its security restrictions to deactivate. The manipulated browser can then be instructed to copy code from private repositories or extract passwords from managers. LayerX tested six AI browser systems—ChatGPT Atlas from OpenAI, Comet from Perplexity AI, Fellou, Genspark Browser, Sigma Browser, and the Claude plugin for Chrome from Anthropic—and all six failed to identify the data theft as a breach. OpenAI implemented necessary security measures in ChatGPT Atlas; Perplexity AI closed the issue without providing a solution; Anthropic released a patch that did not fully resolve the vulnerability; other developers have not yet responded.
Comments
This page shows all existing comments. To add a new comment, open the post in the forum.