December 22, 2025

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is beefing up its cybersecurity with an 'LLM-based automated attacker.'

TL;DR

  • Prompt injection is a difficult-to-solve security challenge for AI agents operating on the web.
  • OpenAI is enhancing its Atlas AI browser's defenses against these attacks.
  • The company has created an "LLM-based automated attacker" to find vulnerabilities.
  • This automated attacker uses reinforcement learning to test and refine attack strategies in simulation.
  • The U.K.'s National Cyber Security Centre also warned about the ongoing risk of prompt injection attacks.
  • Security researchers and experts highlight the trade-off between AI agent autonomy and access to sensitive data.
  • OpenAI recommends users limit agent access and require confirmation for actions to reduce risk.
  • Some experts question the current value proposition of agentic browsers given their risk profile.
