Cybersecurity researchers have discovered a new AI-based technique that can compromise Google Chrome’s Password Manager. This emerging threat shows how hackers can use AI tools to launch sophisticated attacks, even with little technical expertise. Cato Networks published a report on March 18 that reveals how large language models (LLMs) can be tricked into creating malware, including a password-stealing tool.
This method is called an “immersive world jailbreak.”
Vitaly Simonovich, a threat intelligence researcher at Cato Networks, said, “Our new LLM jailbreak technique, which we’ve uncovered and called Immersive World, showcases the dangerous potential of creating an infostealer with ease.
The “immersive world” attack involves making a detailed, fictional scenario that engages the AI. This leads the AI to create code that can get around security measures. In tests, researchers were able to get sensitive data, including passwords stored in Google Chrome’s Password Manager.
Cato Networks told all relevant AI tool providers about the discovery. Microsoft and OpenAI said they received the threat disclosure. OpenAI said the generated code did not result from bypassing any built-in safeguards.
However, the implications for AI security are still serious.
DeepSeek prompts AI-driven malware
Google acknowledged the report but would not review the specifics of the compromised code.
This hesitance is a major concern for users who rely on browser-integrated password management. Zscaler’s March 20 report shows the growing vulnerabilities associated with AI. As AI usage in businesses increased by 3,000% year-over-year, strong security measures have become very important.
Zscaler’s analysis showed that a significant portion of AI-related transactions were blocked to prevent potential breaches. Deepen Desai, Chief Security Officer at Zscaler, emphasized the need for a Zero Trust approach to stay ahead of evolving threats. Zero trust everywhere is the key to staying ahead in the rapidly evolving threat landscape as cybercriminals look to leverage AI in scaling their attacks,” Desai said.
As AI continues to change industries, it also opens new ways for cyber threats to happen. This changing situation requires increased vigilance and proactive security adaptations from both businesses and consumers. More updates will be provided as more information is made available by the affected companies and cybersecurity researchers.
Image Credits: Photo by Solen Feyissa on Unsplash
Johannah Lopez is a versatile professional who seamlessly navigates two worlds. By day, she excels as a SaaS freelance writer, crafting informative and persuasive content for tech companies. By night, she showcases her vibrant personality and customer service skills as a part-time bartender. Johannah's ability to blend her writing expertise with her social finesse makes her a well-rounded and engaging storyteller in any setting.
