- Pro
- Security
Some browsers are more exposed than others
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Cato Networks)
- Hidden URL fragments allow attackers to manipulate AI assistants without user knowledge
- Some AI assistants transmit sensitive data to external endpoints automatically
- Misleading guidance and fake links can appear on otherwise normal websites
Many AI browsers are facing scrutiny after researchers detailed how a simple fragment in a URL can be used to influence browser assistants.
New research from Cato Networks found the "HashJack" technique allows malicious instructions to sit quietly after a hashtag in an otherwise legitimate link, creating a path for covert commands that remain invisible to traditional monitoring tools.
- Amazon Black Friday deals are live: here are our picks!
The assistant processes the hidden text locally, which means the server never receives it, and the user continues to see a normal page while the browser follows instructions they never typed.
You may like-
OpenAI's shiny new Atlas browser might have some serious security shortcomings - and it's not the only one under threat from dangerous spoof attacks
-
OpenAI's new Atlas browser may have some extremely concerning security issues, experts warn - here's what we know
-
Major AI agents are being spoofed - and it could put your site at risk
Behaviour of assistants when fragments are processed
Testing showed certain assistants attempt autonomous actions when exposed to these fragments, including actions that transmit data to external locations controlled by an attacker.
Others present misleading guidance or promote links that imitate trusted sources, giving the impression of a normal session while altering the information provided to the user.
The browser continues to display the correct site, which makes the intrusion difficult to detect without close inspection of the assistant’s responses.
Major technology firms have been notified of the issue, but their responses varied significantly.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.Some vendors deployed updates to their AI browser features, while others judged the behaviour as expected based on existing design logic.
Companies said defending against indirect prompt manipulation depends on how each AI assistant reads hidden page instructions.
Regular traffic inspection tools can only observe URL fragments that leave the device.
You may like-
OpenAI's shiny new Atlas browser might have some serious security shortcomings - and it's not the only one under threat from dangerous spoof attacks
-
OpenAI's new Atlas browser may have some extremely concerning security issues, experts warn - here's what we know
-
Major AI agents are being spoofed - and it could put your site at risk
Therefore, conventional security measures provide limited protection in this scenario because the URL fragments never leave the device for inspection.
This forces defenders to move beyond network-level review and examine how AI tools integrate with the browser itself.
Stronger oversight requires attention to local behavior, including how assistants process hidden context invisible to users.
Organisations have to use stricter endpoint protection and tighter firewall rules, but these are only a layer and do not fix the visibility gap.
The HashJack method illustrates a vulnerability unique to AI-assisted browsing, where legitimate websites can be weaponised without leaving conventional traces.
Awareness of this limitation is critical for organisations deploying AI tools, as traditional monitoring and defence measures cannot fully capture these threats.
How to stay safe
- Limit personal information shared online.
- Monitor financial accounts for unusual activity.
- Use unique, complex passwords for all accounts.
- Verify URLs before logging into websites.
- Be cautious of unsolicited messages or calls claiming to be from financial institutions.
- Deploy antivirus software to protect devices from malware.
- Enable firewalls to block unauthorized access.
- Use identity theft protection to monitor personal information.
- Recognize that sophisticated phishing campaigns and AI-driven attacks still pose risks.
- Effectiveness depends on consistent implementation across devices and networks.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Efosa UdinmwenFreelance JournalistEfosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
OpenAI's shiny new Atlas browser might have some serious security shortcomings - and it's not the only one under threat from dangerous spoof attacks
OpenAI's new Atlas browser may have some extremely concerning security issues, experts warn - here's what we know
Major AI agents are being spoofed - and it could put your site at risk
AI chatbot users beware - hackers are now hiding malware in the images served up by LLMs
Researchers claim ChatGPT has a whole host of worrying security flaws - here's what they found
AI scams surge: how consumers and businesses can stay safe
Latest in Security
Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details
Microsoft Teams guest access could let hackers bypass some critical security protections
Many of us aren't confident we could spot a fake website this Black Friday - so be on your guard
Excited for your Christmas bonus? So are scammers - so make sure you check your emails carefully
Malicious LLMs are letting even unskilled hackers to craft dangerous new malware
Multiple London councils affected by apparent cyberattack
Latest in News
How to watch Heated Rivalry online – watch in UK, US, Canada as the steamy hockey drama hits No.1
Does Amazon have a Black Friday 2025 price promise? Here's how it compares
OpenAI and Google limit free Sora, Nano Banana Pro and Gemini 3 Pro use
Premier League Black Friday deal: Get 50% Off Walmart+ and watch 2025-26 EPL season on Peacock
NYT Connections hints and answers for Saturday, November 29 (game #902)
NYT Strands hints and answers for Saturday, November 29 (game #636)
LATEST ARTICLES- 1Apple, Google required to provide digital ID tools under Missouri age verification law – but are they ready?
- 2Will Amazon refund you if Black Friday prices drop further? Here’s the answer – and how other retailers compare
- 3Malicious LLMs are letting even unskilled hackers to craft dangerous new malware
- 4Many of us aren't confident we could spot a fake website this Black Friday - so be on your guard
- 5The Commodore 64 is back on the production line for the first time in 30 years – and I want it, even if it makes zero sense
