A vulnerability in Firefox's AI chatbot integration could enable malicious websites to inject hidden instructions into AI prompts to extract email data.

Archive Window: 7 Days Left

Germany

Who

Florian Port, ERNW, Mozilla, Anthropic Claude, ChatGPT, Google Gemini, Le Chat Mistral, Microsoft Copilot

What

A vulnerability in Firefox's AI chatbot integration could enable malicious websites to inject hidden instructions into AI prompts to extract email data.

When

Wed, 17 Jun 2026 12:17:28 GMT · 4h 15m ago

Where

Germany ·

Why

The flaw arose because Firefox inserted attacker-controlled webpage titles directly into AI prompts, allowing prompt injection.

The Frontline Impact

How this affects you

This vulnerability could allow attackers to surreptitiously steal sensitive information, such as login codes, from a user's email account through the browser's integrated AI chatbot features. Users should be cautious about the permissions they grant to AI chatbots to protect their personal data.

Story chain

2 events in this thread

Currently Reading4h 15m ago
A vulnerability in Firefox's AI chatbot integration could enable malicious websites to inject hidden instructions into AI prompts to extract email data.
Technology4h 15m ago
A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts.
Open article

Verified Sources & Citations

CyberInsider
https://cyberinsider.com/firefox-ai-chatbot-feature-exposed-users-to-email-theft-risk/
HIGH