AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/f6/23/42/f62342b2-2c9e-c4b8-f30a-45740001dcdd/mza_9392632951824236990.jpg/600x600bb.jpg

Daily Security Review

410 episodes

1 week ago

Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities

All content for Daily Security Review is the property of Daily Security Review and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities

Technology

News,

Tech News

https://img.transistor.fm/fqpBh5f_k3TYHqVBSxO4xbSNcJHlXpdK93VZOK0RNHA/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS82Mzc0/Nzc5NTgxNGZiODJi/NDZmZWM4OWMwYWMz/NzE1ZS5wbmc.jpg

AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces

Daily Security Review

21 minutes

1 week ago

AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces

Cybersecurity firm SquareX has unveiled a new and alarming threat to users of AI-enabled browsers — a technique called AI Sidebar Spoofing. This sophisticated attack uses malicious browser extensions to create visually identical replicas of legitimate AI sidebars, tricking users into believing they are interacting with trusted AI assistants like ChatGPT Atlas, Perplexity’s Comet, or integrated browser agents such as Copilot in Edge and Gemini in Chrome. Once installed, these extensions inject JavaScript that seamlessly imitates the real AI interface, intercepting and altering prompts and responses.

The result? A user unknowingly follows manipulated AI instructions that can lead to phishing scams, credential theft, or the execution of malicious commands directly on their own device. This form of attack weaponizes trust—exploiting not software vulnerabilities, but human behavior. SquareX’s analysis shows that these spoofed sidebars can guide users to install malware, grant remote access, or visit fraudulent websites, all while maintaining the illusion of legitimate AI guidance.

The systemic flaw lies in how browsers permit extensions to inject and manipulate on-page content, making this threat platform-agnostic and dangerously widespread. Even though providers like OpenAI enforce strict sandboxing in ChatGPT’s Atlas browser, these safeguards do not protect users from themselves—particularly when deception is this seamless.

Cybersecurity experts now warn that AI Sidebar Spoofing represents the next evolution in social engineering attacks, combining psychological manipulation with technical precision. To defend against it, organizations must enforce strict extension controls, retrain users to question AI-provided instructions, and recognize that as AI becomes a daily tool, the human trust layer is the new battlefield in cybersecurity.

#AISidebarSpoofing #SquareX #ChatGPTAtlas #PerplexityComet #BrowserSecurity #SocialEngineering #Malware #CyberThreat #AITrust #ExtensionExploits #Cybersecurity #OpenAI #Phishing #AIinSecurity