Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

OpenAI Atlas omnibox boundary-failure jailbreak security flaw

Vulnerability
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

Researchers validated a boundary failure in the OpenAI Atlas omnibox that lets disguised prompts be treated as URLs, creating silent jailbreak risk. The parsing flaw can override user intent, trigger cross-domain actions, and bypass safety layers when malformed input is reinterpreted as trusted prompt content. Abuse examples include a Copy Link trap that can send users to a lookalike site to phish credentials and a destructive prompt that could make Atlas delete files through an authenticated session. The finding was validated on October 24, 2025 and disclosed in a blog report.

Related Happenings

Google dark web report shutdown and scan retirement in February 2026

Security Tool/Service
First: 16.12.2025 08:02 Last: 16.12.2025 08:02 Sources 1

About this happening: **Google** is discontinuing its **Dark Web report** in **February 2026**, removing a consumer security feature that monitored whether personal information appeared on the dark web...

Open Happening

Gemini Enterprise zero-click indirect prompt injection security flaw

Vulnerability
First: 10.12.2025 14:05 Last: 10.12.2025 14:05 Sources 1

About this happening: **Google Gemini Enterprise** and **Vertex AI Search** were patched after researchers found a **zero-click indirect prompt injection** flaw that could **exfiltrate sensitive corpor...

Open Happening

AI browsers indirect prompt injection via URL fragments HashJack security flaw

Vulnerability
First: 26.11.2025 12:15 Last: 26.11.2025 12:15 Sources 1

About this happening: **HashJack** is an **indirect prompt injection** vulnerability in **AI browsers** that hides attacker instructions after the **# symbol** in legitimate URLs, letting a normal-look...

Open Happening

Tenable's ChatGPT prompt-injection and url_safe bypass analysis

Technical Analysis
First: 06.11.2025 17:49 Last: 06.11.2025 17:49 Sources 1

About this happening: Tenable uncovered **seven ChatGPT vulnerabilities** that let attackers drive **prompt injection**, **phishing redirects**, and **memories/chat history exfiltration** through **Sea...

Open Happening

ChatGPT/SearchGPT prompt injection and data exfiltration weaknesses security flaw

Vulnerability
First: 06.11.2025 12:00 Last: 06.11.2025 12:00 Sources 1

About this happening: Researchers uncovered **seven weaknesses** in **OpenAI's ChatGPT/SearchGPT** that could let an attacker use **prompt injection** and **safety bypass** techniques to steal **privat...

Open Happening

Timeline

  1. 25.10.2025 14:35 1 articles · 7mo ago

    OpenAI Atlas omnibox boundary failure validated

    Technical Analysis Update

    NeuralTrust validated a boundary failure in the OpenAI Atlas omnibox on October 24, 2025, showing that a URL-like string could be accepted as a URL and then reinterpreted as a prompt with fewer checks and elevated trust, enabling silent jailbreak behavior that can override user intent and trigger cross-domain actions.

    Show sources
    Open in new tab
  2. 25.10.2025 14:35 1 articles · 7mo ago

    NeuralTrust discloses the OpenAI Atlas jailbreak flaw

    Initial Disclosure

    NeuralTrust publicly disclosed the validated OpenAI Atlas omnibox flaw on October 25, 2025, describing how disguised prompt instructions can be treated as URLs and used for copy-link abuse, Google lookalike credential phishing, and destructive actions through the user's authenticated session.

    Show sources
    Open in new tab