AI/ML, Vulnerability Management

Novel ShadowLeak attack against ChatGPT discovered, addressed

ChatGPT chatbot by OpenAI - artificial intelligence

Security Affairs reports that OpenAI's artificial intelligence chatbot ChatGPT has been impacted by a zero-click flaw, which could be exploited to facilitate a server-side data theft intrusion via malicious emails.

Attackers could distribute illicit emails with concealed HTML instructions ordering personally identifiable information exfiltration from email inboxes, according to Radware researchers.

"The leak is Service-side, occurring entirely from within OpenAI's cloud environment. The agent's built-in browsing tool performs the exfiltration autonomously, without any client involvement," said researchers.

OpenAI has already moved to address the vulnerability after being informed by Radware. While email sanitization could be implemented to thwart nefarious messages, such a threat request continuous agent behavior tracking, researchers said.

"A more robust mitigation is continuous agent behavior monitoring: tracking both the agent's actions and its inferred intent and validating that they remain consistent with the user's original goals. This alignment check ensures that even if an attacker steers the agent, deviations from legitimate intent are detected and blocked in real time," they added.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds