ChatGPT Targeted in Server-Side Data Theft Attack

Cyber

09/18/2025

ChatGPT has been targeted in a data theft attempt.

Researchers at Radware uncovered a server-side data theft method called ShadowLeak that targeted ChatGPT’s Deep Research feature. The attack involved sending a crafted email that silently instructed the AI agent to collect and exfiltrate sensitive data via a disguised URL, bypassing client-side security. OpenAI patched the vulnerability in August 2025 after being notified in June, but Radware warns that similar threats may still exist.

https://www.securityweek.com/chatgpt-deep-research-targeted-in-server-side-data-theft-attack/

Tagged: ChatGPT data theft OpenAI

Subscribe Sign In

Related Posts