Recent analyses by cybersecurity experts have raised concerns regarding OpenAI’s Atlas browser after a vulnerability was uncovered that allows attackers to inject malicious code. This not only jeopardizes the security of systems using this AI-driven browser but also poses significant risks of malware distribution and access control breaches. According to LayerX Security, the vulnerability affects all ChatGPT users on any browser, but Atlas’s lack of anti-phishing features makes it particularly dangerous. When users log into ChatGPT, their authentication cookies are stored, and malicious links can exploit this to execute commands through cross-site request forgery (CSRF). This highlights the risks when utilizing AI browsers in corporate environments, especially given the nature of BYOD and mixed-use scenarios.
Despite the current limited deployment of Atlas, as it is relatively new and currently only available for macOS, there are fears that its use might extend into workplace applications. Security experts recommend that enterprises keep the browser disabled by default and only operate it within restricted pilot environments that use non-sensitive data. Failure to do so could result in far-reaching consequences for data security as malicious activities can transcend individual devices and exploit cloud-connected accounts.
👉 Pročitaj original: CIO Magazine
