ChatGPT search vulnerable to manipulated summaries, The Guardian reports

ChatGPT Search, OpenAI’s new AI-powered search engine launched this month, has been found susceptible to generating misleading summaries due to hidden text attacks, according to an investigation by The Guardian.

The feature is designed to streamline browsing by summarising webpage content, such as product reviews. However, The Guardian demonstrated that hidden text embedded in websites could trick ChatGPT Search into:

• Generating overly positive summaries by ignoring negative reviews.
• Producing malicious code when prompted.

Hidden text attacks exploit vulnerabilities in large language models, allowing them to misinterpret or prioritise manipulated input. While such risks are well-documented in AI research, this appears to be the first instance of their exploitation in a live AI search engine.

Google, a search industry leader with more experience mitigating similar risks, was highlighted by The Guardian as better equipped to handle these challenges.

OpenAI declined to address the specific incident but stated it employs multiple strategies to block malicious websites and is actively refining its safeguards.

The discovery raises concerns about the reliability of AI-driven search products and their susceptibility to manipulation. As AI-powered tools become integral to online experiences, ensuring robustness against such vulnerabilities is critical.