ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Researchers disclosed a set of vulnerabilities and attack techniques against AI assistants and agentic tools—most prominently “ChatGPhish,” which abuses ChatGPT's rendering of Markdown images/links to enable prompt injections, phishing, and data leakage; and repository-based attacks (SymJack and TrustFall) that can lead to remote code execution by causing AI coding agents to run attacker-controlled MCP servers. The report aggregates related findings and PoCs showing how adversaries can weaponize LLMs and agent ecosystems to achieve phishing, RCE, and automated cloud intrusion at scale.