New 'Man-in-the-Prompt' Attack Targets AI Chatbots Like ChatGPT
A new cyber threat, dubbed 'Man-in-the-Prompt', has emerged, targeting AI chatbots like ChatGPT and Gemini. The attack abuses browser extensions, which can read and alter the web page of a chatbot, to access and manipulate user prompts without the user's knowledge or consent.
The threat is particularly concerning because 99% of business users have at least one browser extension installed, which widens the exposure. The attack, similar to prompt injection, involves intercepting, modifying, or rewriting user prompts to steal data or manipulate responses. AI security must now consider the user interface and browser environment, since the plain HTML text field that receives a prompt becomes part of the attack surface.
Researchers have proven this technique works on major AI tools, including ChatGPT, Gemini, Copilot, Claude, and DeepSeek. To mitigate this risk, individual users should regularly review their installed extensions and limit the permissions they hold. Businesses should consider blocking or monitoring extensions on company devices. Prompt signing and 'spotlighting' techniques can help a model or service distinguish trusted content from potentially manipulated input.
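The extension review and monitoring advice above can be turned into a repeatable check. The following script is an added example, not code from the article or from any of the named vendors: it parses browser-extension manifests (the Chrome `manifest.json` layout, both MV2 and MV3) and flags any extension whose host permissions or content scripts reach the chat front-ends the article names, or that holds access to every site. The list of chatbot hostnames and the set of "risky" API permissions are assumptions chosen for the example; the sample manifests are constructed, not real extensions.

```python
"""Audit browser-extension manifests for access to AI chat front-ends."""
import json
import os
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Assumed origin list for the services the article names; extend for your estate.
AI_CHAT_HOSTS = [
    "chatgpt.com", "chat.openai.com", "gemini.google.com",
    "copilot.microsoft.com", "claude.ai", "chat.deepseek.com",
]

# Match patterns that grant access to every site.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# API permissions (assumed set) that let an extension read or alter page content or traffic.
RISKY_API_PERMISSIONS = {"scripting", "tabs", "webRequest", "webRequestBlocking",
                         "declarativeNetRequest", "clipboardRead"}

_PATTERN_RE = re.compile(r"^(\*|https?|file|ftp|wss?)://([^/]+)(/.*)?$")


def pattern_matches_host(pattern: str, host: str) -> bool:
    """Approximate Chrome match-pattern host semantics ('*' and '*.example' prefixes)."""
    if pattern in BROAD_PATTERNS:
        return True
    m = _PATTERN_RE.match(pattern)
    if not m:
        return False
    host_pat, host = m.group(2).lower(), host.lower()
    if host_pat == "*":
        return True
    if host_pat.startswith("*."):
        base = host_pat[2:]          # '*.openai.com' also matches 'openai.com' itself
        return host == base or host.endswith("." + base)
    return host == host_pat


def host_patterns(manifest: dict) -> List[str]:
    """Collect host patterns from MV3 host_permissions, MV2 permissions and content scripts."""
    patterns = list(manifest.get("host_permissions", []))
    patterns += [p for p in manifest.get("permissions", []) if p == "<all_urls>" or "://" in p]
    for script in manifest.get("content_scripts", []):
        patterns += script.get("matches", [])
    return patterns


@dataclass
class Finding:
    extension_id: str
    name: str
    reasons: List[str]


def audit_manifest(extension_id: str, manifest: dict) -> Optional[Finding]:
    """Return a Finding if the extension can reach AI chat pages or has broad site access."""
    reasons: List[str] = []
    patterns = host_patterns(manifest)
    broad = sorted(p for p in patterns if p in BROAD_PATTERNS)
    if broad:
        reasons.append("broad host access: " + ", ".join(broad))
    reached = sorted(h for h in AI_CHAT_HOSTS if any(pattern_matches_host(p, h) for p in patterns))
    if reached:
        reasons.append("can read/modify pages on: " + ", ".join(reached))
    risky = sorted(RISKY_API_PERMISSIONS & set(manifest.get("permissions", [])))
    if risky and (broad or reached):   # only interesting together with page access
        reasons.append("page/traffic-altering permissions: " + ", ".join(risky))
    return Finding(extension_id, manifest.get("name", "<unnamed>"), reasons) if reasons else None


def audit_manifests(manifests: Dict[str, dict]) -> List[Finding]:
    """Audit a mapping of extension id -> parsed manifest.json; returns flagged extensions."""
    return [f for f in (audit_manifest(i, m) for i, m in sorted(manifests.items())) if f]


def load_chrome_profile(profile_dir: str) -> Dict[str, dict]:
    """Read <profile>/Extensions/<id>/<version>/manifest.json for every installed extension."""
    manifests: Dict[str, dict] = {}
    root = os.path.join(profile_dir, "Extensions")
    if not os.path.isdir(root):
        return manifests
    for ext_id in os.listdir(root):
        ext_dir = os.path.join(root, ext_id)
        if not os.path.isdir(ext_dir):
            continue
        for version in os.listdir(ext_dir):
            path = os.path.join(ext_dir, version, "manifest.json")
            if os.path.isfile(path):
                with open(path, encoding="utf-8") as fh:
                    manifests[ext_id] = json.load(fh)
    return manifests


# Constructed sample manifests (not real extensions) so the script runs offline.
SAMPLE_MANIFESTS = {
    "benignexample0000": {"name": "Weather", "manifest_version": 3, "permissions": ["storage"],
                          "host_permissions": ["https://api.example.org/*"]},
    "promptgrabber0000": {"name": "Prompt Helper", "manifest_version": 3,
                          "permissions": ["storage", "scripting"],
                          "content_scripts": [{"matches": ["*://*.openai.com/*", "https://chatgpt.com/*"],
                                               "js": ["inject.js"]}]},
    "legacyallsites000": {"name": "Old Toolbar", "manifest_version": 2,
                          "permissions": ["tabs", "<all_urls>"]},
}

if __name__ == "__main__":
    for f in audit_manifests(SAMPLE_MANIFESTS):
        print(f"{f.extension_id} ({f.name}):")
        for reason in f.reasons:
            print("   -", reason)
```

To run it against a real machine, replace `SAMPLE_MANIFESTS` with `load_chrome_profile(path)` pointing at a Chrome or Edge user-data profile directory; the same manifest fields apply to other Chromium-based browsers. A flagged extension is not proof of malice, only of the access needed for this attack, so the output is a review queue, not a verdict.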
The 'Man-in-the-Prompt' attack highlights the evolving nature of cyber threats, with AI tools becoming the latest target. The potential consequences, including theft of sensitive data and manipulation of responses, underscore the importance of proactive measures to safeguard AI interactions.