OpenAI's ChatGPT Atlas browser raises digital security alerts
- Privacy Risks in ChatGPT Atlas Browser
- Experts warn of rapid injection attacks
- Cryptocurrency users should exercise extra caution
The launch of the navigator OpenAI's ChatGPT Atlas, announced Tuesday, has raised concerns among digital security experts. According to researchers, the new product still has serious vulnerabilities, particularly related to fast injection attacks—a problem that persists even with the company's recent defenses.
Cryptocurrency users have been highlighted as one of the groups most exposed to this type of flaw. This is because a simple hidden line on a seemingly legitimate page can trick the browser assistant into executing unwanted commands, such as copying autofill data, saved logins, or session information linked to exchanges like Coinbase.
The flaw occurs when the assistant interprets instructions embedded in a page's content as legitimate commands. Thus, by simply attempting to summarize a text, the system can inadvertently reveal private information. This behavior poses a high risk in an environment where millions of people already use OpenAI's integrated services every week.
Atlas is definitely vulnerable to Prompt Injection pic.twitter.com/N9VHjqnTVd
— P1njc70r (@p1njc70r) October 21, 2025
Within hours of release, researchers demonstrated successful exploits that included clipboard hijacking, configuration manipulation through Google Docs, and the insertion of invisible phishing commands. The company has yet to issue an official response, but OpenAI's Chief Information Security Officer, Dane Stuckey, acknowledged that "rapid injection remains an unresolved and evolving security issue."
OpenAI's Atlas browser seems to detect prompt injection attempts. pic.twitter.com/fwCeSDZrNU
—Ethan Wickstrom (@ethan_wickstrom) October 21, 2025
Stuckey highlighted that measures such as "Observation Mode," red-teaming, and rapid response systems are being improved, but admitted that adversaries "will spend significant time and resources" to exploit gaps.
Atlas, available for download on macOS, collects user history and actions by default through the "Memories" feature. This data can be used internally for personalization, although the privacy policy still leaves gaps regarding how the information is stored and deleted.
For those who decide to try it, experts recommend disabling "agent mode," which allows the browser to perform autonomous actions. They also suggest using "disconnected" mode when accessing sensitive websites and never allowing the browser to manage authenticated sessions related to finances, health, or corporate email.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Exclusive Interview with Brevis CEO Michael: zkVM Scaling Is Far More Effective Than L2
The infinite computing layer leads the way for real-world applications.

Limitless surprise TGE: Secret launch to avoid sniping, but unavoidable market doubts
The secretive launch did allow Limitless to avoid technical sniping, but it also made it more difficult for outsiders to trace the early flow of funds.

Virtuals Robotics: Why Did We Enter the Field of Embodied Intelligence?
Digital intelligence gains embodiment, with thought and action merging in the field of robotics.

JPMorgan to Accept Bitcoin and Ethereum as Loan Collateral in 2025
Trending news
MoreCrypto prices
More








