CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...
HotHardware

Researcher Claims TikTok Could Be Secretly Tracking Your Keystrokes

We wrote last week about research showing that Meta takes advantage of the in-app browser feature on mobile devices to inject JavaScript into web pages viewed in the Facebook, Instagram, and Messenger ...
Searchenginejournal.com

Perplexity Comet Browser Vulnerable To Prompt Injection Exploit

Brave described a vulnerability that can be activated when a user asks the Comet AI browser to summarize a web page. The LLM will read the web page, including any embedded prompts that command the LLM ...
Hosted on MSN

Your AI Browser May Be Vulnerable to 'Prompt Injection' Attacks

Did you know you can customize Google to filter out garbage? Take these steps for better search results, including adding Lifehacker as a preferred source for tech news. AI continues to take over more ...
Bleeping Computer

New tool checks if a mobile app's browser is a privacy risk

A new online tool named 'InAppBrowser' lets you analyze the behavior of in-app browsers embedded within mobile apps and determine if they inject privacy-threatening JavaScript into websites you visit.
Dark Reading

ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack

An innovative prompt injection attacker can steal your data using nothing but a browser extension. Browser security vendor LayerX published research today dedicated to an attack it discovered that ...
HotHardware

Facebook and Instagram's In-App Browser Exploits Expose User Privacy Concerns

Facebook’s collection and sale of user data for advertising purposes took a huge hit when Apple introduced its App Tracking Transparency (ATT) feature, with Facebook projecting that it will lose out ...