{"id":9250,"date":"2025-11-30T04:23:38","date_gmt":"2025-11-30T04:23:38","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=9250"},"modified":"2025-11-30T04:23:38","modified_gmt":"2025-11-30T04:23:38","slug":"hashjack-assault-makes-use-of-url-to-management-ai-browser-habits-hackread-cybersecurity-information-knowledge-breaches-tech-ai-crypto-and-extra","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=9250","title":{"rendered":"HashJack Assault Makes use of URL \u2018#\u2019 to Management AI Browser Habits \u2013 Hackread \u2013 Cybersecurity Information, Knowledge Breaches, Tech, AI, Crypto and Extra"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p>On November 25, 2025, cybersecurity agency Cato Networks revealed HashJack, a brand new risk the place the easy pound signal (#) in an online tackle (URL) hides malicious directions for AI browser assistants like Google\u2019s Gemini, Microsoft\u2019s Copilot, and <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/perplexity-comet-browser-download-ads-malware-google\/\" data-type=\"post\" data-id=\"136107\" target=\"_blank\" rel=\"noreferrer noopener\">Perplexity\u2019s Comet<\/a>.<\/p>\n<h3 id=\"the-vulnerability\" class=\"wp-block-heading\"><strong>The Vulnerability<\/strong><\/h3>\n<p>HashJack is the primary of its sort instance of an <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/openai-guardrails-bypass-prompt-injection-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">oblique immediate injection<\/a> approach, the place an attacker hides instructions in content material the AI will learn later, on this case, the URL itself. This enables HashJack to use how <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/shadow-escape-0-click-attack-ai-assistants-risk\/\">AI assistants<\/a> learn the total URL, together with the part after the # (the URL fragment), which net servers usually ignore. <\/p>\n<p>This enables dangerous actors to weaponise any reputable web site with out hacking the positioning itself. As Cato Networks\u2019 senior safety researcher Vitaly Simonovich explains, the weak point is within the AI assistant\u2019s dealing with of the URL. Since customers belief the reputable web site, they belief the AI\u2019s manipulated recommendation.<\/p>\n<p>The hidden instructions can result in a wide range of malicious actions, together with tricking customers into revealing their login particulars (<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/developer-credentials-stolen-macos-s1ngularity-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">credential theft<\/a>) and even giving false health-related recommendation (medical hurt). Extra regarding is that, in superior agentic modes (the place the AI performs duties routinely), the assistant will be instructed to steal delicate consumer information (information exfiltration) by fetching an attacker\u2019s URL within the background.<\/p>\n<p>Moreover, the AI will be guided to offer step-by-step directions for dangerous technical duties, corresponding to opening system ports or downloading a package deal that&#8217;s really malware. Researchers additionally famous that in some superior AI browsers, like <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/comet-browser-flaw-hidden-api-commands-devices\/\" data-type=\"post\" data-id=\"137483\" target=\"_blank\" rel=\"noreferrer noopener\">Perplexity\u2019s Comet<\/a>, the assault may even escalate to the AI assistant routinely fetching and sending consumer information to an exterior tackle.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"483\" src=\"https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-1024x483.png\" alt=\"\" class=\"wp-image-137675\" srcset=\"https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-1024x483.png 1024w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-300x141.png 300w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-768x362.png 768w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-380x179.png 380w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-800x377.png 800w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk-1160x547.png 1160w, https:\/\/hackread.com\/wp-content\/uploads\/2025\/11\/HashJack-Attack-How-a-Hidden-Symbol-in-Any-Website-Puts-Gemini-Copilot-Users-at-Risk.png 1536w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\"\/><\/a><figcaption class=\"wp-element-caption\">HashJack assault chain (Supply: Cato Networks)<\/figcaption><\/figure>\n<\/div>\n<h3 id=\"mixed-response-from-tech-giants\" class=\"wp-block-heading\"><strong>Combined Response from Tech Giants<\/strong><\/h3>\n<p>The Cato Networks risk analysis staff disclosed their findings to the affected corporations beginning in July and August of 2025. Microsoft responded shortly, making use of a repair for Copilot for Edge on October 27. Perplexity additionally utilized a repair for his or her Comet browser by November 18, 2025.<\/p>\n<p>Google, nevertheless, has not but resolved the problem for Gemini in Chrome. The report was marked by Google Abuse VRP \/ Belief &amp; Security in October 2025 as \u201cReceived\u2019t Repair (Supposed Behaviour)\u201d with a low severity score. It&#8217;s price noting that the problem remained unresolved on the time the analysis was revealed.<\/p>\n<figure class=\"wp-block-embed aligncenter is-type-wp-embed is-provider-wistia-inc wp-block-embed-wistia-inc\">\n<p>\n<iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" title=\"Callback phishing animation final (1) Video\" src=\"https:\/\/fast.wistia.net\/embed\/iframe\/yzs675hjr6?dnt=1#?secret=uLeYNHYZiq\" data-secret=\"uLeYNHYZiq\" frameborder=\"0\" scrolling=\"no\" width=\"960\" height=\"540\"><\/iframe>\n<\/p><figcaption class=\"wp-element-caption\">Watch the video demonstration of the HashJack assault shared by Cato Networks:<\/figcaption><\/figure>\n<p>The <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.catonetworks.com\/blog\/cato-ctrl-hashjack-first-known-indirect-prompt-injection\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">findings<\/a> from Cato CTRL\u2122 Risk Analysis, shared completely with Hackread.com, introduce a brand new class of <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/can-we-trust-ai-with-cybersecurity-ai-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">AI safety<\/a> threat as a result of malicious instructions are hidden in URL fragments, bypassing conventional firewalls. This discovery reminds the business that, as AI assistants deal with delicate information, distributors should urgently repair flaws in AI design to stop future context manipulation assaults.<\/p>\n<p>\n\t\t\t<\/div>\n<p><template id="dYMJf0BmAIWFrpDLSA2Z"></template><\/script><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On November 25, 2025, cybersecurity agency Cato Networks revealed HashJack, a brand new risk the place the easy pound signal (#) in an online tackle (URL) hides malicious directions for AI browser assistants like Google\u2019s Gemini, Microsoft\u2019s Copilot, and Perplexity\u2019s Comet. The Vulnerability HashJack is the primary of its sort instance of an oblique immediate [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":9252,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[717,4406,5449,214,848,662,361,157,6013,6676,121,1173,4813],"class_list":["post-9250","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-attack","tag-behavior","tag-breaches","tag-browser","tag-control","tag-crypto","tag-cybersecurity","tag-data","tag-hackread","tag-hashjack","tag-news","tag-tech","tag-url"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9250","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9250"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9250\/revisions"}],"predecessor-version":[{"id":9251,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9250\/revisions\/9251"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/9252"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-07-08 06:30:29 UTC -->