Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion of URLs after the >>#<< symbol. This technique turns trusted websites into weapons against AI browser assistants like Perplexity's Comet, Microsoft's Copilot in Edge, and Google's Gemini in Chrome. How The Attack Unfolds HashJack exploits [...] The post HashJack: A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/hashjack-ai-browser-exploit/
