MEDIUMAi
Global

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

·Source: The Hacker News

Updated:

Executive Summary

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. "The chatgpt.com response renderer trusts Markdown links and Markdown

Analysis

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. "The chatgpt.com response renderer trusts Markdown links and Markdown

Indicators of Compromise (1)

Domain (1)
chatgpt.com
VirusTotalURLhaus
Source Attribution

Originally published by The Hacker News on May 29, 2026.

Related Threats

MEDIUMAi

OpenAI gives UK banks access to cybersecurity model

OpenAI has offered the UK's biggest banks access to its new cybersecurity AI model. The decision contrasts with the approach taken by rival Anthropic, which continues to keep its Mythos model out of the hands of non-US lenders.

Finextra
MEDIUMAi

Gradient Labs raises fresh funds to build specialist AI agents for finance

Gradient Labs, the startup founded by Monzo alumni to create AI agents for the financial services industry, has doubled its Series A round with $13 million in fresh funding.

Finextra
MEDIUMAi

Anthropic to Open Mythos AI to EU's ENISA

The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic.

Dark Reading