securityonline.info 1/26/2026, 12:41:08 AM

The Invisible Trap: GenAI Now Creates “Living” Polymorphic Phishing Pages

Unit 42, the security research team at Palo Alto Networks, has unveiled a new evolution in web-based attacks: GenAI can be weaponised to create “living” phishing pages that assemble themselves after a visitor lands on a seemingly safe site. The technique relies on client-side API calls to popular large language model services: prompts are embedded in a clean page so that an AI model generates the malicious JavaScript needed to steal credentials or impersonate a brand.

Because the attack leverages prompt engineering to bypass AI safety guardrails, the resulting code is produced on the fly and executed in the victim’s browser, leaving no static payload for traditional detectors. The pages are polymorphic: each visit produces a unique variant, which complicates signature-based detection. The traffic can also emanate from trusted AI providers, which makes it harder for firewalls to block.

The study replicates LogoKit to demonstrate credential harvesting and brand impersonation without triggering alerts. Defenders are urged to rely on runtime behavioural analysis to detect malicious activity at execution time within the browser. This warning was published on 26 January 2026.
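A sketch of the runtime behavioural correlation described above, added here as an illustration and not taken from Unit 42 or the article: it scores one page's event trace for the sequence "client-side LLM API call, execution of the generated code, credential capture". The event schema, the host name, the 5-second window and all three traces are constructed assumptions.

```javascript
// Constructed placeholder host; a real deployment would list the LLM API
// endpoints it actually observes (assumption, not from the article).
const LLM_API_HOSTS = new Set(["api.llm-provider.example"]);
const WINDOW_MS = 5000; // assumed gap allowed between API call and execution
// Score one page's runtime events (hypothetical schema from a browser sensor
// hooking fetch, eval/Function, DOM insertion and form submission).
function scorePage(events) {
  const findings = new Set();
  let llmCall = null, generatedCodeRan = false;
  for (const e of [...events].sort((a, b) => a.t - b.t)) {
    if (e.type === "fetch") {
      if (LLM_API_HOSTS.has(new URL(e.url).hostname)) llmCall = e;
    } else if (e.type === "dynamic-exec") {
      // Code evaluated shortly after an LLM API call is likely model output.
      if (llmCall && e.t - llmCall.t <= WINDOW_MS) {
        generatedCodeRan = true;
        findings.add("llm-response-executed");
      }
    } else if (!generatedCodeRan) {
      continue; // credential signals only count after generated code ran
    } else if (e.type === "dom-insert" && e.inputType === "password") {
      findings.add("password-field-after-generated-code");
    } else if (e.type === "form-submit" &&
               new URL(e.action).origin !== e.pageOrigin) {
      findings.add("credentials-posted-cross-origin");
    }
  }
  const verdict = findings.size >= 2 ? "block" : findings.size === 1 ? "review" : "allow";
  return { verdict, findings: [...findings] };
}
// Constructed traces (t in milliseconds since page load).
const ASSEMBLED_PHISH = [
  { t: 0, type: "fetch", url: "https://api.llm-provider.example/v1/generate" },
  { t: 1200, type: "dynamic-exec", api: "Function" },
  { t: 1300, type: "dom-insert", tag: "input", inputType: "password" },
  { t: 9000, type: "form-submit", action: "https://collector.example/c",
    pageOrigin: "https://landing.example" },
];
const CHAT_WIDGET = [ // benign: calls the model but only renders text
  { t: 0, type: "fetch", url: "https://api.llm-provider.example/v1/generate" },
  { t: 800, type: "dom-insert", tag: "div" },
];
const PLAIN_LOGIN = [ // benign: static login form, no model call
  { t: 50, type: "dom-insert", tag: "input", inputType: "password" },
  { t: 7000, type: "form-submit", action: "https://shop.example/login",
    pageOrigin: "https://shop.example" },
];
console.log(scorePage(ASSEMBLED_PHISH), scorePage(CHAT_WIDGET), scorePage(PLAIN_LOGIN));
```

Because the rule keys on the order of behaviours rather than on page content, it gives the same verdict for every polymorphic variant that follows this sequence.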

Article by CyberSIXT