OpenAI says it's had to protect Atlas AI browser against serious security threats

OpenAI says it's had to protect its Atlas AI browser against some serious security threats News Sead Fadilpašić published Prompt injection threats may never go away, OpenAI says OpenAI says prompt injection attacks can’t be fully eliminated, only mitigated Malicious prompts hidden in websites can trick AI browsers into exfiltrating data or installing malware OpenAI’s rapid response loop uses adversarial training and automated discovery to harden defenses OpenAI has claimed that while AI browsers might never be fully protected from prompt injection attacks, that doesn’t mean the industry should simply give up on the idea or admit defeat to the scammers - there are ways to harden the products. The company published a new blog post discussing cybersecurity risks in its AI-powered browser, Atlas , in which it shared the somewhat grim outlook. “Prompt injection, much like scams and social engineering on the web, is unlikely to ever be fully ‘solved,’” the blog reads. “But we’re optimistic that a proactive, highly responsive rapid response loop can continue to materially reduce real-world risk over time. By combining automated attack discovery with adversarial training and system-level safeguards, we can identify new attack patterns earlier, close gaps faster, and continuously raise the cost of exploitation.” Rapid response loop So what exactly is prompt injection, and what is this “rapid response loop” approach? Prompt injection is a type of attack in which a malicious prompt is “injected” into the victim’s AI agent without their knowledge, or consent. For example, an AI browser could be allowed to read all of the contents of a website. If that website is malicious (or hijacked) and contains a hidden prompt (white letters on a white background, for example), the AI might act on it without the user ever realizing anything. That prompt could be different things, from exfiltrating sensitive files, to downloading and running malicious browser addons. Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! OpenAI wants to fight fire with fire, it seems. It created a bot, trained through reinforced learning, and let it be the hacker looking for ways in. It pits that bot against an AI defender who then go back and forth, trying to outwit one another. The end result is the AI defender capable of spotting most attack techniques. ➡️ Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data...

Preview: ~500 words