<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Achin Bansal</title>
    <description>The latest articles on DEV Community by Achin Bansal (@bansac1981).</description>
    <link>https://dev.to/bansac1981</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3885738%2F82003f2a-084c-4b4a-a4c9-dfa109745be9.png</url>
      <title>DEV Community: Achin Bansal</title>
      <link>https://dev.to/bansac1981</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/bansac1981"/>
    <language>en</language>
    <item>
      <title>ChatGPhish Exploit Turns ChatGPT Summarisation Into a Live Phishing Surface</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Sun, 31 May 2026 20:30:47 +0000</pubDate>
      <link>https://dev.to/bansac1981/chatgphish-exploit-turns-chatgpt-summarisation-into-a-live-phishing-surface-47po</link>
      <guid>https://dev.to/bansac1981/chatgphish-exploit-turns-chatgpt-summarisation-into-a-live-phishing-surface-47po</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Permiso Security has disclosed ChatGPhish, a vulnerability in ChatGPT's web summarisation feature that allows attacker-controlled Markdown payloads embedded in third-party pages to render phishing links, spoofed alerts, and QR codes directly within ChatGPT's trusted UI. The attack requires no user interaction beyond asking ChatGPT to summarise a malicious page, and can exfiltrate IP addresses, User-Agent strings, and Referer headers via auto-fetched remote images. The technique significantly expands the phishing attack surface beyond email into everyday AI-assisted browsing workflows, posing a particular risk in enterprise environments.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/chatgphish-exploit-turns-chatgpt-summarisation-into-a-live-phishing-surface/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/chatgphish-exploit-turns-chatgpt-summarisation-into-a-live-phishing-surface/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>LLMShare Campaign Weaponises ChatGPT Sharing Feature to Distribute Malware</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Sun, 31 May 2026 14:30:45 +0000</pubDate>
      <link>https://dev.to/bansac1981/llmshare-campaign-weaponises-chatgpt-sharing-feature-to-distribute-malware-2057</link>
      <guid>https://dev.to/bansac1981/llmshare-campaign-weaponises-chatgpt-sharing-feature-to-distribute-malware-2057</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Threat actors are exploiting ChatGPT's legitimate content-sharing infrastructure to host convincing fake outage pages that trick users into downloading malware disguised as a ChatGPT desktop application. The 'LLMShare' campaign abuses chatgpt.com/s/ shared links to render attacker-crafted HTML within a trusted OpenAI domain, bypassing traditional phishing detection that relies on suspicious URL analysis. The attack chain combines Google ad abuse, domain cloaking, and AI platform misuse to deliver what are likely infostealer payloads.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/llmshare-campaign-weaponises-chatgpt-sharing-feature-to-distribute-malware/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/llmshare-campaign-weaponises-chatgpt-sharing-feature-to-distribute-malware/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Process-Level CAPTCHA Analysis Exposes Behavioural Fingerprints of AI Agents</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Sun, 31 May 2026 08:30:50 +0000</pubDate>
      <link>https://dev.to/bansac1981/process-level-captcha-analysis-exposes-behavioural-fingerprints-of-ai-agents-46p2</link>
      <guid>https://dev.to/bansac1981/process-level-captcha-analysis-exposes-behavioural-fingerprints-of-ai-agents-46p2</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Researchers have developed CogCAPTCHA30, a 30-task cognitive battery demonstrating that AI agents (GPT, Claude, Gemini) solve CAPTCHAs with statistically distinguishable behavioural patterns despite matching human accuracy. The study introduces a 'Process Turing Test' concept, showing output equivalence and process equivalence are uncorrelated — meaning AI agents can be detected not by what they answer, but by how they answer. This has direct implications for bot detection, anti-automation defences, and the arms race between AI-driven agents and human-verification systems.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/process-level-captcha-analysis-exposes-behavioural-fingerprints-of-ai-agents/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/process-level-captcha-analysis-exposes-behavioural-fingerprints-of-ai-agents/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Robinhood MCP Integration Grants AI Agents Autonomous Financial Trading Powers</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Sun, 31 May 2026 02:30:44 +0000</pubDate>
      <link>https://dev.to/bansac1981/robinhood-mcp-integration-grants-ai-agents-autonomous-financial-trading-powers-4go4</link>
      <guid>https://dev.to/bansac1981/robinhood-mcp-integration-grants-ai-agents-autonomous-financial-trading-powers-4go4</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Robinhood has launched agentic trading and a virtual credit card that allow third-party AI agents to autonomously execute stock trades and payments on behalf of users via a Model Context Protocol (MCP) integration. This architecture introduces significant attack surface through prompt injection, excessive agency, and insecure plugin design risks inherent to LLM-driven autonomous financial action. The delegation of real financial authority to AI agents with limited human-in-the-loop controls represents a systemic risk to retail investors if agent pipelines are compromised or manipulated.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/robinhood-mcp-integration-grants-ai-agents-autonomous-financial-trading-powers/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/robinhood-mcp-integration-grants-ai-agents-autonomous-financial-trading-powers/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Malicious npm Package Targets Claude AI Users via Supply Chain Attack</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Sat, 30 May 2026 02:30:43 +0000</pubDate>
      <link>https://dev.to/bansac1981/malicious-npm-package-targets-claude-ai-users-via-supply-chain-attack-6c</link>
      <guid>https://dev.to/bansac1981/malicious-npm-package-targets-claude-ai-users-via-supply-chain-attack-6c</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;A malicious npm package named 'mouse5212-super-formatter' was discovered exfiltrating files from Anthropic's Claude AI user directory by authenticating to a threat actor-controlled GitHub repository. The package disguised itself as a legitimate archive utility while silently uploading all local workspace files during the postinstall phase. Notably, the attacker's poor operational security — including a leaked GitHub token — suggests AI-generated malware with minimal human oversight, pointing to a growing trend of low-skill threat actors leveraging AI to produce supply chain malware.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/malicious-npm-package-targets-claude-ai-users-via-supply-chain-attack/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/malicious-npm-package-targets-claude-ai-users-via-supply-chain-attack/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Multi-Agent LLM System Discovers 29 Zero-Day Vulnerabilities in Open-Source Projects</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Fri, 29 May 2026 20:30:45 +0000</pubDate>
      <link>https://dev.to/bansac1981/multi-agent-llm-system-discovers-29-zero-day-vulnerabilities-in-open-source-projects-4283</link>
      <guid>https://dev.to/bansac1981/multi-agent-llm-system-discovers-29-zero-day-vulnerabilities-in-open-source-projects-4283</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Researchers have developed FuzzingBrain V2, a multi-agent LLM system capable of autonomously discovering and reproducing software vulnerabilities with a 90% detection rate on a competitive benchmark dataset. The system discovered 29 zero-day vulnerabilities across 12 open-source projects, all confirmed by maintainers, raising both defensive and dual-use concerns for the security community. While positioned as a defensive research tool, the automation of end-to-end vulnerability discovery at this scale represents a meaningful shift in the offensive capability landscape.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/multi-agent-llm-system-discovers-29-zero-day-vulnerabilities-in-open-source/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/multi-agent-llm-system-discovers-29-zero-day-vulnerabilities-in-open-source/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Russia-Linked GreyVibe Weaponises ChatGPT and Gemini Across Full Attack Lifecycle</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Fri, 29 May 2026 14:31:32 +0000</pubDate>
      <link>https://dev.to/bansac1981/russia-linked-greyvibe-weaponises-chatgpt-and-gemini-across-full-attack-lifecycle-16ij</link>
      <guid>https://dev.to/bansac1981/russia-linked-greyvibe-weaponises-chatgpt-and-gemini-across-full-attack-lifecycle-16ij</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;WithSecure has documented GreyVibe, a Russia-nexus threat actor systematically deploying ChatGPT, Google Gemini, and Ideogram AI across every phase of its attack chain — from phishing lure creation to custom malware development — against Ukrainian targets since August 2025. The group's LLM-assisted malware, LegionRelay, contained design flaws introduced during AI-generated development, which paradoxically allowed researchers to track the group over an extended period. The case illustrates both the operational leverage AI provides to moderately skilled threat actors and the novel forensic signatures that AI-assisted development can inadvertently introduce.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/russia-linked-greyvibe-weaponises-chatgpt-and-gemini-across-full-attack/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/russia-linked-greyvibe-weaponises-chatgpt-and-gemini-across-full-attack/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Russian GreyVibe Group Weaponises ChatGPT and Gemini for Cyberespionage</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Fri, 29 May 2026 08:31:57 +0000</pubDate>
      <link>https://dev.to/bansac1981/russian-greyvibe-group-weaponises-chatgpt-and-gemini-for-cyberespionage-2k94</link>
      <guid>https://dev.to/bansac1981/russian-greyvibe-group-weaponises-chatgpt-and-gemini-for-cyberespionage-2k94</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;A likely Russian threat group dubbed GreyVibe has been actively using commercial LLMs — including ChatGPT and Google Gemini — to generate high-quality phishing lures, malware tooling, and social-engineering content targeting Ukrainian military, government, and civilian organisations. WithSecure researchers identified LLM artefact markers embedded in campaign imagery, confirming AI-assisted content generation at scale. The case represents a concrete, documented example of adversarial LLM weaponisation in an active nation-state-adjacent cyberespionage campaign.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/russian-greyvibe-group-weaponises-chatgpt-and-gemini-for-cyberespionage/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/russian-greyvibe-group-weaponises-chatgpt-and-gemini-for-cyberespionage/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>SQLite Bans Agentic Code Submissions as AI Bug Report Floods Begin</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Fri, 29 May 2026 02:30:46 +0000</pubDate>
      <link>https://dev.to/bansac1981/sqlite-bans-agentic-code-submissions-as-ai-bug-report-floods-begin-27m1</link>
      <guid>https://dev.to/bansac1981/sqlite-bans-agentic-code-submissions-as-ai-bug-report-floods-begin-27m1</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;SQLite has formally prohibited agentic code contributions and strengthened its policy language, reflecting growing concern over AI-generated submissions overwhelming open source maintainers. The project was forced to create a separate bug forum after being flooded with AI-generated reports of inconsistent quality. This represents an emerging operational security challenge for critical infrastructure software projects targeted by autonomous AI coding agents.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/sqlite-bans-agentic-code-submissions-as-ai-bug-report-floods-begin/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/sqlite-bans-agentic-code-submissions-as-ai-bug-report-floods-begin/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>AI Bills of Materials Emerge as Critical Tool for ML Supply Chain Risk</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Tue, 26 May 2026 14:31:28 +0000</pubDate>
      <link>https://dev.to/bansac1981/ai-bills-of-materials-emerge-as-critical-tool-for-ml-supply-chain-risk-41p0</link>
      <guid>https://dev.to/bansac1981/ai-bills-of-materials-emerge-as-critical-tool-for-ml-supply-chain-risk-41p0</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;As AI systems proliferate across enterprise environments, the lack of standardised AI Bills of Materials (AI BOMs) leaves organisations blind to the components, training data, and dependencies embedded in deployed models. The article examines whether 2026 marks a turning point for AI BOM adoption as a risk management practice. Without visibility into AI supply chains, organisations remain exposed to hidden vulnerabilities including poisoned models, compromised dependencies, and undisclosed third-party components.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/ai-bills-of-materials-emerge-as-critical-tool-for-ml-supply-chain-risk/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/ai-bills-of-materials-emerge-as-critical-tool-for-ml-supply-chain-risk/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>Anthropic's Claude Mythos Autonomously Uncovers 10,000 Critical Software Flaws</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Tue, 26 May 2026 08:31:57 +0000</pubDate>
      <link>https://dev.to/bansac1981/anthropics-claude-mythos-autonomously-uncovers-10000-critical-software-flaws-29g</link>
      <guid>https://dev.to/bansac1981/anthropics-claude-mythos-autonomously-uncovers-10000-critical-software-flaws-29g</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;Anthropic's Project Glasswing has deployed Claude Mythos Preview — a frontier AI model — to autonomously discover over 10,000 high- and critical-severity vulnerabilities across widely used open-source software, with 1,094 confirmed as valid high/critical flaws. The initiative highlights a growing asymmetry: AI is accelerating vulnerability discovery far faster than the security community can remediate, compressing patch windows and raising the stakes for defenders. Anthropic is now urging shorter patch cycles and hardened defaults, warning that comparable offensive capabilities could soon be broadly accessible to threat actors.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/anthropic-s-claude-mythos-autonomously-uncovers-10000-critical-software-flaws/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/anthropic-s-claude-mythos-autonomously-uncovers-10000-critical-software-flaws/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
    <item>
      <title>SentinelOne Prompt Security Targets Agentic AI Trust Verification Gap</title>
      <dc:creator>Achin Bansal</dc:creator>
      <pubDate>Tue, 26 May 2026 02:30:47 +0000</pubDate>
      <link>https://dev.to/bansac1981/sentinelone-prompt-security-targets-agentic-ai-trust-verification-gap-jpl</link>
      <guid>https://dev.to/bansac1981/sentinelone-prompt-security-targets-agentic-ai-trust-verification-gap-jpl</guid>
      <description>&lt;h3&gt;Forensic Summary&lt;/h3&gt;

&lt;p&gt;SentinelOne has published guidance on securing agentic AI systems, framing unverified trust in AI agents as a core enterprise risk. The piece promotes their Prompt Security product as a control layer for AI tools, agents, and pipelines deployed across the enterprise. While primarily a product-focused announcement, it highlights the genuine security challenge of blind trust in autonomous AI agents executing actions on behalf of users and systems.&lt;/p&gt;

&lt;p&gt;Read the full technical deep-dive on &lt;strong&gt;Grid the Grey&lt;/strong&gt;: &lt;a href="https://gridthegrey.com/posts/sentinelone-prompt-security-targets-agentic-ai-trust-verification-gap/" rel="noopener noreferrer"&gt;https://gridthegrey.com/posts/sentinelone-prompt-security-targets-agentic-ai-trust-verification-gap/&lt;/a&gt;&lt;/p&gt;</description>
      <category>cybersecurity</category>
      <category>ai</category>
      <category>automation</category>
    </item>
  </channel>
</rss>
