Trusted My Summarizer, Now My Fridge Is Encrypted — How Threat Actors Could Weaponize AI Summarizers with CSS-Based ClickFix Attacks

### Executive Summary This report demonstrates a proof-of-concept attack that hides attacker-controlled instructions in HTML using CSS/zero-width obfuscation and repeats them to "overdose" AI summarizers, causing automated summaries to output ClickFix-style ransomware execution steps; tests against commercial and custom summarizers reproduced the hidden payloads. The paper assesses impact, provides detection and mitigation recommendations (client-side sanitization, prompt filtering, payload pattern recognition, token balancing, UX warnings, enterprise policy), and discusses limitations and future research.