A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts.

Archive Window: 7 Days Left

not specified

Who

Mozilla, Florian Port, ERNW, Microsoft Copilot, Anthropic Claude, ChatGPT, Google Gemini, Le Chat Mistral

What

A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts.

When

Wed, 17 Jun 2026 12:17:28 GMT · 3h 1m ago

Where

not specified ·

Why

The flaw allowed malicious pages to craft a title that broke out of the intended prompt structure and injected additional commands that the AI model interpreted as user instructions.

The Frontline Impact

How this affects you

This vulnerability could lead to the theft of sensitive user data, such as login or verification codes from email subject lines, through hidden instructions sent to AI chatbots.

Story chain

2 events in this thread

Technology3h 1m ago
A vulnerability in Firefox's AI chatbot integration could enable malicious websites to inject hidden instructions into AI prompts to extract email data.
Open article
Currently Reading3h 1m ago
A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts.

Verified Sources & Citations

CyberInsider
https://cyberinsider.com/firefox-ai-chatbot-feature-exposed-users-to-email-theft-risk/
HIGH