Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

Summary by Ars Technica
Unlike most prompt injections, ShadowLeak executes on OpenAI’s cloud-based infrastructure.

3 Articles

Ars TechnicaArs Technica
Center

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

Unlike most prompt injections, ShadowLeak executes on OpenAI’s cloud-based infrastructure.

·United States
Read Full Article
stocktitan.netstocktitan.net

Zero-Click Data Theft: Radware Exposes Major Security Flaw in ChatGPT Used by 5M Companies

Radware discovers ShadowLeak vulnerability enabling autonomous data theft through ChatGPT's Deep Research agent. Critical flaw affects 5M business users, bypasses security controls with no user action needed.

Read Full Article
cybernoz.comcybernoz.com

0-Click ChatGPT Agent Vulnerability Allows Sensitive Data Exfiltration From Gmail - Cybernoz - Cybersecurity News

A zero-click vulnerability discovered in ChatGPT’s Deep Research agent allowed attackers to exfiltrate sensitive data from a user’s Gmail account without any user interaction. The flaw, which OpenAI has since patched, leveraged a sophisticated form of indirect prompt injection hidden within an email, tricking the agent into leaking personal information directly from OpenAI’s cloud infrastructure. According to Radware, the attack began with an at…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

cybernoz.com broke the news in on Thursday, September 18, 2025.
Sources are mostly out of (0)

Similar News Topics

OpenAI icon

OpenAI

ChatGPT icon

ChatGPT

News
For You
SearchBlindspotLocal