OpenAI Patches 'ShadowLeak' Vulnerability in ChatGPT's Deep Research Agent
OpenAI has patched a serious vulnerability in its ChatGPT's Deep Research agent, dubbed 'ShadowLeak'. This exploit could have allowed attackers to steal sensitive information without any user interaction. Radware, a cybersecurity firm, discovered the vulnerability and reported it to OpenAI on June 18, 2025. The exploit, named 'ShadowLeak', allowed attackers to send a malicious email to a user. When the user asked the Deep Research agent to summarize or research their inbox, the agent would extract sensitive data from the booby-trapped message and send it to an attacker-controlled URL. This could potentially exfiltrate highly sensitive business data from various external sources, not just Gmail. OpenAI took about six weeks to fix the vulnerability, officially marking it as resolved on September 3, 2025. However, during this time, OpenAI faced criticism for providing limited feedback to Radware and not delaying the launch of the ChatGPT Agent product despite knowing about the exploit. Notably, Radware did not observe the exploit being actively used in the wild. OpenAI confirmed that the bug was reported through their bug bounty program and that they are continually improving safeguards against such exploits. The attack could be hidden in emails with layout tricks, making it difficult for victims to detect the malicious commands. OpenAI fixed the vulnerability by early August, ensuring user safety and data privacy.
Read also:
- U.S. Spy Satellites Face Growing Cyber Threats, NRO Warns
- China's Automotive Landscape: Toyota's Innovative Strategy in Self-Driving Vehicles
- Strengthening Defense Against Combined Cyber Threats during the Age of Technological Autocracy
- Nissan Fortifies Supply Chain and Cybersecurity with KPMG, PwC Partnerships
