AI Recommendation Poisoning in "Summarize with AI" buttons

Technical Analysis
Happening score: 16
1 unique source, 1 article

Summary

AI Recommendation Poisoning shows how clickable "Summarize with AI" buttons can inject persistent prompts into chatbot memory, creating a new path to bias recommendations and citations. The technique matters because it can silently steer outputs toward a chosen source across health, finance, and security topics. It also broadens the abuse surface by turning ordinary links and embedded buttons into a delivery mechanism for URL-based memory manipulation.

Timeline

  1. 17.02.2026 11:31 2 articles

    Microsoft discloses AI Recommendation Poisoning

    Initial Disclosure

    Microsoft publishes research on AI Recommendation Poisoning in "Summarize with AI" buttons, showing that hidden instructions in URL prompt parameters such as "?q=" can inject persistence commands into chatbot memory and bias future recommendations. The findings describe more than 50 unique prompts from 31 companies across 14 industries over a 60-day period, note that crafted links can be delivered through web pages and email, and identify turnkey tooling such as CiteMET and AI Share Button URL Creator that lowers the barrier to deploying manipulative AI links.