Researchers from cybersecurity firm LayerX are warning that several agentic browsers can be manipulated into abandoning their safety guardrails and performing malicious actions. To demonstrate the weakness, the researchers created a web page containing a puzzle that the AI browsers were asked to solve. The puzzle, inspired by the BioShock video game, is the basis of a manipulation attack called BioShocking. Per the game’s rules, incorrect actions were deemed acceptable, and the tested agentic browsers, namely ChatGPT Atlas, Comet, Fellou, Genspark Browser, Sigma Browser, and Claude Chrome, quickly learned that. After learning that an incorrect answer was the key to continuing the game, the agents started reasoning outside of reality and eventually performed a nefarious action when asked to navigate to a URL and retrieve a textbox. “In the game, it turns out that /code redirects to the victim’s employer work GitHub repository. In this case, the malicious instructions fetched sensitive SSH login credentials,” LayerX explains.