New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses

Security researchers describe "ChatGPhish": a proof-of-concept browser-based prompt-injection attack where attacker-controlled content passed into ChatGPT's page-summarization feature can produce deceptive assistant outputs (phishing alerts, malicious links, or embedded QR codes) that bypass typical desktop protections and enable cross-device redirection.