New ‘Zero-Click’ ChatGPT Attack Threatens User Data, Researchers Warn at Black Hat
New ‘Zero-Click’ ChatGPT Attack Threatens User Data, Researchers Warn at Black Hat
Security researchers today unveiled a critical ‘zero-click’ vulnerability in OpenAI’s ChatGPT Connectors at the Black Hat hacker conference in Las Vegas, demonstrating how a single ‘poisoned’ document could be used to extract sensitive user data.
Dubbed ‘AgentFlayer’ by Zenity CTO Michael Bargury and Tamir Ishay Sharbat, the indirect prompt injection attack exploited a weakness that allowed API keys and other confidential information to be siphoned from linked services like Google Drive. The researchers emphasized the severe nature of the flaw, explaining that users require ‘nothing to do to be compromised’ and that data could be exfiltrated simply by sharing a malicious document via email.
This discovery underscores the growing attack surface created by connecting powerful AI models to external data sources, increasing the risk of sophisticated cyberattacks. While OpenAI reportedly implemented mitigations swiftly after being notified earlier this year, and Google Workspace has enhanced its own AI security measures, the incident highlights the ongoing challenge of securing AI integrations. OpenAI had introduced Connectors as a beta feature to allow ChatGPT to interact with services like Gmail, GitHub, and calendars.
Disclaimer: This content is aggregated from public sources online. Please verify information independently. If you believe your rights have been infringed, contact us for removal.