HashJack Attack Uses URL ‘#’ to Control AI Browser Behavior


Cybersecurity firm Cato Networks reveals HashJack, a new AI browser vulnerability using the ‘#’ symbol to hide malicious commands. Microsoft and Perplexity fixed the flaw, but Google’s Gemini remains at risk.

On November 25, 2025, cybersecurity firm Cato Networks revealed HashJack, a new threat where the simple pound sign (#) in a web address (URL) hides malicious instructions for AI browser assistants like Google’s Gemini, Microsoft’s Copilot, and Perplexity’s Comet.

The Vulnerability

HashJack is a first-of-its-kind example of indirect prompt injection, a technique in which an attacker hides commands in content the AI will read later; in this case, that content is the URL itself. HashJack exploits how AI assistants read the full URL, including the section after the # (the URL fragment), which web servers normally ignore.
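The fragment's blind spot from a defender's side, as an added example (not code from Cato Networks, hackread.com or any vendor named here): browsers do not send the fragment in the HTTP request, so server-side logs and filters never see it, and an assistant integration can drop it before the URL enters the model's context. The function names, the four-word threshold and the sample URLs are assumptions made for illustration.

```javascript
// Added example; names and threshold are hypothetical, samples are constructed.

// Split a URL into the part a browser sends to the server and the fragment,
// which stays on the client and is never part of the HTTP request.
function splitUrl(rawUrl) {
  const u = new URL(rawUrl);
  const fragment = u.hash.startsWith('#') ? u.hash.slice(1) : '';
  u.hash = ''; // drop the fragment from the serialized URL
  return { serverVisible: u.href, fragment };
}

// Heuristic (assumption): ordinary anchors are short single tokens such as
// "installation"; a fragment that decodes to several words reads like prose.
function fragmentLooksLikeProse(fragment, minWords = 4) {
  let decoded;
  try {
    decoded = decodeURIComponent(fragment);
  } catch (_) {
    decoded = fragment; // malformed percent-encoding: fall back to raw text
  }
  const words = decoded.split(/\s+/).filter(Boolean);
  return words.length >= minWords;
}

// Build the URL string handed to an assistant: fragment removed, plus a flag
// the caller can log when the removed fragment looked like free text.
function urlForAssistant(rawUrl) {
  const { serverVisible, fragment } = splitUrl(rawUrl);
  return {
    url: serverVisible,
    fragmentDropped: fragment.length > 0,
    flagged: fragmentLooksLikeProse(fragment),
  };
}

// Constructed sample inputs (not taken from the report).
const SAMPLES = [
  'https://example.com/docs/setup#installation',
  'https://example.com/docs/setup#note%20to%20assistant%3A%20constructed%20placeholder%20text',
];
for (const s of SAMPLES) console.log(urlForAssistant(s));
```

The flag is only a logging aid; the protective step is that the fragment never reaches the assistant, whatever it contains.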

This allows bad actors to weaponise any legitimate website without hacking the site itself. As Cato Networks’ senior security ...


Copyright of this story solely belongs to hackread.com.