The Register: OpenAI plugs ShadowLeak bug in ChatGPT that let miscreants raid inboxes

Sep 19, 2025

—

Source URL: https://www.theregister.com/2025/09/19/openai_shadowleak_bug/
Source: The Register
Title: OpenAI plugs ShadowLeak bug in ChatGPT that let miscreants raid inboxes

Feedly Summary: Radware says flaw enabled hidden email prompts to trick Deep Research agent into exfiltrating sensitive data
ChatGPT’s research assistant sprung a leak – since patched – that let attackers steal Gmail secrets with just a single carefully crafted email.…

AI Summary and Description: Yes

Summary: The text discusses a security vulnerability identified by Radware that allowed a Deep Research agent to unintentionally exfiltrate sensitive data via email due to a flaw in ChatGPT’s research assistant. This incident highlights critical implications for AI security, especially concerning the potential for unauthorized access to sensitive information through deceptive tactics.

Detailed Description:
The text reports on a significant security flaw that was discovered in the ChatGPT research assistant, which involved a vulnerability that enabled an attacker to exploit email functionalities to gain access to sensitive data. Here are the key points of the situation:

– **Vulnerability Discovery**: Radware identified a flaw that could be exploited by cyber adversaries to trick the AI system into exfiltrating sensitive information.
– **Method of Attack**: The vulnerability centered around hidden email prompts that, when manipulated, allowed attackers to extract data from Gmail accounts just by sending a single, cleverly crafted email.
– **Data Exfiltration Risk**: This incident raises serious concerns about the ability of AI systems to maintain confidentiality and integrity, particularly regarding sensitive email data.
– **Patch Implementation**: The company behind ChatGPT has since patched the vulnerability, indicating the urgency and critical nature of vulnerabilities in AI-enhanced tools.

**Practical Implications for Professionals**:
– **Heightened Security Measures**: Organizations utilizing AI applications need to implement robust security protocols to prevent similar vulnerabilities.
– **Training AI Systems**: Continuous monitoring and training of AI systems to ensure they do not misinterpret or improperly execute commands that could compromise data.
– **Awareness and Education**: Security and compliance professionals must remain aware of evolving threats in AI systems to enhance data protection strategies.

This incident underscores the importance of vigilance in AI security and the potential risks associated with emerging technologies, particularly regarding privacy and data governance.

1 2 2025 5 a access account Act age agent AI AI applications AI security AI systems All allow and app Application applications Arch art as assistant at ated attack attacker attackers aware awareness Bi Box Bug by C care centered CERN chat ChatGPT CI CIA co Col command compliance compliance professionals concerns confidentiality continuous continuous monitoring core critical cyber cyber adversaries D data data exfiltration data governance Data Protection data protection strategies de deep Deep Research Deep Research Agent e education email emerging Emerging Technologies end ERP event evolving threats exfiltration exp exploit for full function g Gen GIS Gmail Go governance GPT gs H high Highlight HR http HTTPS implementation implications in incident information integrity intent inter interpret io ite J Just k Key l Lance law led Li low M man measures Mila Monitor monitoring N no o of on ons open openai organization organizations out over Patch per point potential potential risks practical implications pre privacy pro professionals prompt prompts protection protocol protocols ps R Radware Raise rate RCE re red report reports research research assistant Risk risks Ro robust security RoT RSA s search sec secrets security security and compliance Security Flaw security measure security measures security protocols security vulnerability sensitive data sensitive information SHA ShadowLeak Sig Sim single SoC source SSE SSO strategies system systems T tactics tech technologies ted text the threat threats to tool tools Tor TP training unauthorized access under US uth V vigilance vulnerabilities vulnerability vulnerability discovery Ware Wi x z