AI Summarize Buttons Used for Prompt Poisoning on Compromised Sites

Microsoft Defender Security Research identified a novel attack chain where threat actors embed malicious “Summarize with AI” buttons into compromised webpages. When a user clicks the button, the site forwards a crafted prompt to the integrated AI model. The prompt is designed to manipulate the model’s internal context, effectively performing memory poisoning that steers the chatbot’s recommendations toward attacker‑controlled content.

The technique can distort the visibility of information, amplify misinformation, and influence decision‑making in enterprise environments that rely on AI‑driven summarization. Defenders must treat these UI elements as attack surfaces, enforce strict content‑security policies, validate incoming AI prompts, and monitor for anomalous AI output to prevent exploitation.

Categories: Threat Intelligence, AI Security & Threats, Malware & Ransomware

Source: Read original article