Pen Testers Accused of ‘blackmail’ Over Eurostar AI Flaws

Pen testers identified four significant flaws in Eurostar's AI chatbot, allowing potential injection of malicious HTML and system prompts leakage. After initial reports were ignored, the team accused the company's security head of “blackmail” for following up. Eurostar later found the report and addressed some issues. The chatbot's poor design permits users to manipulate chat history and bypass security checks, leading to risks like data leaks and phishing attacks. The incident highlights the need for robust security in consumer-facing chatbots.

https://www.theregister.com/2025/12/24/pentesters_reported_eurostar_chatbot_flaws/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top