CyberScoop reports that OpenAI's new artificial intelligence browser agent ChatGPT Atlas , as well as AI-based chatbots ChatGPT and Perplexity AI, could have their decision-making processes compromised in a new attack involving a simple user-agent header modification.

Researchers from AI cybersecurity firm SPLX created a website that seemed like a professional biography page for a product designer to regular users but displayed negative commentary about the designer upon the discovery of AI crawlers.

Another test involving fictional job postings with certain evaluation criteria inflated titles, credentials, and accomplishments of job candidates upon their webpages' detection of an AI crawler, according to researchers, who noted the potential exploitation of the vulnerability to fuel smear campaigns and fraud.

"There's no explicit terms of service for OpenAI and ChatGPT; [they] don't specifically disallow this behavior from websites... The first step for OpenAI would be to start implementing some verification methods and actually banning bad actors," said SPLX AI engineer Ivan Vlahov.