[NEWSLETTER]score: 0.95
ChatGPT Web Summary Renderer Injects Phishing Links via Markdown from Processed Pages
June 1, 2026
ChatGPT's page summary feature renders Markdown links and image URLs from processed web content without sufficient sanitization, allowing attacker-controlled pages to inject phishing links and malicious payloads directly into the assistant interface.
HOW THIS AFFECTS YOU
●
builderIf you are building on ChatGPT's browsing or summarization APIs, treat rendered output as untrusted — this attack vector applies to any assistant that renders third-party web content.
●
policyPrompt injection via web content into assistant UIs is an active, exploitable attack class — not theoretical — and warrants inclusion in AI system threat models.