Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed them to extract data from a Google Drive without any user interaction.
New findings from security researchers Michael Bargury and Tamir Ishay Sharbat, revealed at the Black Hat hacker conference in Las Vegas today, show how a weakness in OpenAI’s Connectors allowed sensitive information to be extracted from a Google Drive account using an indirect prompt injection attack. In a demonstration of the attack, dubbed AgentFlayer, Bargury shows how it was possible to extract developer secrets, in the form of API keys, that were stored in a demonstration Drive account.
The prompt is written in white text in a size-one font, something that a human is unlikely to see but a machine will still read. In a proof of concept video of the attack, Bargury shows the victim asking ChatGPT to “summarize my last meeting with Sam,” although he says any user query related to a meeting summary will do. Instead, the hidden prompt tells the LLM that there was a “mistake” and the document doesn’t actually need to be summarized.
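A defensive check for the hiding technique described above, as an added example that is not from the article or the researchers: it scans a document exported to HTML with inline styles and separates text a human would not see (white, or in a tiny font) from the visible text. The thresholds, the function and class names, and the sample document are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed thresholds (not from the article): white text, or a font of 2pt/px
# or smaller, counts as invisible to a human reading a white page.
WHITE = {"#fff", "#ffffff", "white", "rgb(255,255,255)"}
MAX_HIDDEN_SIZE = 2.0
VOID = {"br", "img", "hr", "meta", "link", "input"}

def hidden_reason(style):
    """Return why an inline style hides its text, or None if it does not."""
    decls = {k.strip().lower(): v.strip().lower()
             for k, _, v in (p.partition(":") for p in style.split(";"))}
    if decls.get("color", "").replace(" ", "") in WHITE:
        return "white text"
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(pt|px)", decls.get("font-size", ""))
    return "tiny font" if m and float(m.group(1)) <= MAX_HIDDEN_SIZE else None

class HiddenTextScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # per open element: hidden reason or None
        self.findings = []  # (reason, text) for runs a human would not see
        self.visible = []   # text left after dropping the hidden runs

    def handle_starttag(self, tag, attrs):
        if tag not in VOID:
            # Conservative: a child never "un-hides" text inside a hidden parent.
            inherited = self.stack[-1] if self.stack else None
            self.stack.append(inherited or hidden_reason(dict(attrs).get("style") or ""))

    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        text, reason = data.strip(), (self.stack[-1] if self.stack else None)
        if text and reason:
            self.findings.append((reason, text))
        elif text:
            self.visible.append(text)

def scan(html):
    """Return (findings, visible_text) for an HTML-exported document."""
    scanner = HiddenTextScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings, " ".join(scanner.visible)

# Constructed sample document, not the one used in the demonstration.
SAMPLE = ('<p><span style="font-size:11pt">Meeting notes: budget review.</span></p>'
          '<p><span style="color:#ffffff;font-size:1pt">[constructed hidden text]</span></p>')
```

Calling `scan(SAMPLE)` returns the hidden run as a finding and only the meeting-notes sentence as visible text; a document with any findings can be quarantined or passed on with the hidden runs removed.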