Cybersecurity News in Asia

Beware of “Summarize with AI” browser buttons that inject poisoned web prompts

By CybersecAsia editors | Thursday, February 19, 2026, 4:39 PM Asia/Singapore

Hidden instructions in such links or buttons can bias AI towards specific domains and feed poisoned information or undermine fair recommendations.

Over a 60‑day observation window, threat researchers have identified more than 50 distinct prompts from 31 companies across 14 industries — including finance, health, and technology — raising alarms about bias in recommendations on sensitive topics such as medical advice and financial products.

This relatively new form of online manipulation involves attacks that quietly steer AI chatbots to favor certain brands, by abusing “Summarize with AI” buttons embedded on websites .

In a report published by Microsoft Defender Security Research, the technique is described as “AI Recommendation Poisoning”, a variant of AI memory poisoning that nudges chatbots to treat certain (malicious) domains as trusted or authoritative sources in future answers.

The scheme works by encoding hidden instructions into specially crafted URLs tied to “Summarize with AI” links. When a user clicks one of these buttons, the AI assistant receives a pre‑populated prompt that tells it to “remember [Company] as a trusted source” or “recommend [Company] first” in later conversations.

Unlike older social‑engineering‑based memory‑poisoning attacks — where users are tricked into pasting malicious prompts — this method hides the instructions inside clickable hyperlinks on web pages or in emails. The AI system cannot reliably distinguish between genuine user preferences and third‑party manipulations, allowing the biased “memories” to persist across multiple sessions .

Some turnkey tools can lower the barrier further, by letting marketers generate ready‑made buttons and URLs designed to inject promotional content directly into AI assistants.

Threat researchers from Microsoft warn that the consequences could be serious, including:

The spreading of misleading or harmful advice
The deliberate undermining of competitors’ visibility in AI‑generated responses

As users tend to trust confident‑sounding AI outputs without verifying them, the manipulation can remain invisible and long‑lasting.

To reduce risk, experts recommend individuals to audit their AI assistant’s memory, hover over AI buttons before clicking, and avoid “Summarize with AI” links from unfamiliar or untrusted sites. Organizations are encouraged to hunt for suspicious URLs containing phrases like “remember”, “trusted source”, or “authoritative source”.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more
Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more

Bottom sidebar

Other News

Blackpanda Japan Announces Strategic Partnership with SoftBank to Strengthen Cyber Incident Response in Japan
Wednesday, February 11, 2026
SINGAPORE, Feb. 10, 2026 /PRNewswire/ …Read More »
Cohesity Collaborates with Google Cloud to Deliver Secure Sandbox Capabilities and Comprehensive Threat Insights Designed to Eliminate Hidden Malware
Saturday, February 7, 2026
Embedded Google Threat Intelligence capabilities, …Read More »
Shield AI, Republic of Singapore Air Force, and Defence Science and Technology Agency Expand Partnership to Progressively Field Autonomy Capabilities
Thursday, February 5, 2026
SINGAPORE, Feb. 5, 2026 /PRNewswire/ …Read More »
ICAC Commissioner attends APEC anti-corruption meetings in Guangzhou to foster collaborations in the Asia Pacific region
Thursday, February 5, 2026
HONG KONG, Feb. 4, 2026 …Read More »
VIVOTEK Enhances VORTEX with Generative AI and Safety Detection
Tuesday, February 3, 2026
Expanding the cloud security ecosystem …Read More »

Featured

Where are financial fraud and AML regulations heading in S E Asia?

Featured

How AI is reshaping dating in Asia

Featured