
Novel font-rendering attack prevents AI assistants from detecting illicit code

BleepingComputer reports that widely used AI assistants, including ChatGPT, Copilot, Claude, Grok, Perplexity, and Gemini, could be compromised by malicious commands concealed within a webpage's HTML code, according to a new font-rendering proof-of-concept attack.

According to a LayerX analysis, a potential intrusion begins when a user visits a website that promises a reward for running a reverse shell command; because the page uses a custom font, the AI assistant overlooks the illicit instruction in the HTML code that the user can see.

"This disconnect between what the assistant sees and what the user sees results in inaccurate responses, dangerous recommendations, and eroded trust," said LayerX researchers, who called on LLM vendors to consider fonts to be a possible means of compromise. 

Even though vendors have been notified of the findings, only Microsoft has moved to remediate the issue; Google and many others dismissed the risk as 'out of scope' because of its heavy reliance on social engineering.

Kelley Damore, Chief Content Officer, CyberRisk Alliance

Kelley Damore is Chief Content Officer at CyberRisk Alliance, where she leads content strategy across the company’s digital brands, research, communities and live events serving CISOs and security practitioners. At CyberRisk Alliance, she is focused on delivering 365-day engagement, trusted journalism and actionable insights to help security leaders navigate an increasingly complex threat landscape.
