🛡 Vulnerability in Firefox AI Features Allows Email Theft
Researcher Florian Port (ERNW) discovered a critical vulnerability in the integration of AI chatbots within the Firefox browser. Attackers can use a Prompt Injection attack via malicious website tags to hijack the AI assistant and extract sensitive data, including 2FA codes from emails.
🌍 The vulnerability highlights a fundamental "trust boundary" problem when passing external data into prompts. This is a systemic risk for all applications using LLMs to summarize web content.
👤 Users should be cautious when using built-in AI summarization features on suspicious websites. Mozilla has already limited the length of the passed header as a temporary measure.
Source 1: https://insinuator.net/2026/06/vulnerability-disclosure-stealing-emails-via-firefoxs-ai-features/