Radware Discovers Serious ChatGPT Vulnerability 'ShadowLeak'
Cybersecurity firm Radware has uncovered a serious vulnerability in ChatGPT, OpenAI's popular AI assistant. Dubbed 'ShadowLeak', the server-side data theft attack allows unauthorized access to sensitive inbox data without user action or visible signs.
Radware discovered the issue in June and reported it to OpenAI via bugcrowd.com. The fix was implemented in early August. ShadowLeak is a zero-click attack that exploits ChatGPT's Deep Research agent when it is connected to Gmail and browsing.
The attack flow involves sending a convincing email with hidden HTML instructions. These instructions override the agent's safety checks and trigger it to leak sensitive data automatically to an attacker-controlled server. The agent sends the data directly from OpenAI's cloud infrastructure, making the exfiltration invisible to local or enterprise defenses. Any Deep Research connector, not just Gmail, is a potential vector for this attack.
Enterprises can deploy a layer of defense by sanitizing emails prior to agent ingestion and continuously monitoring agent behavior.
Radware's discovery of the ShadowLeak attack highlights the risks of service-side attacks, which can bypass enterprise defenses and user awareness. OpenAI has since fixed the issue, but enterprises should remain vigilant and consider additional security measures to protect their data.