OpenAI says it's had to protect its Atlas AI browser against some serious security threats

• OpenAI says prompt injection attacks can’t be fully eliminated, only mitigated
• Malicious prompts hidden in websites can trick AI browsers into exfiltrating data or installing malware
• OpenAI’s rapid response loop uses adversarial training and automated discovery to harden defenses

OpenAI has claimed that while AI browsers might never be fully protected from prompt injection attacks, that doesn’t mean the industry should simply give up on the idea or admit defeat to the scammers - there are ways to harden the products.

The company published a new blog post discussing cybersecurity risks in its AI-powered browser, Atlas, in which it shared the somewhat grim outlook.

“Prompt injection, much like scams and social engineering on the web, is unlikely to ever be fully ‘solved,’” the blog reads. “But we’re optimistic that a proactive, highly responsive rapid response loop can continue to materially reduce real-world risk ...