Cyber Blog

Researchers have found serious new security flaws in ChatGPT — including the latest versions by OpenAI — that could let attackers steal private data or manipulate the system without users realizing what’s happening.

The issues revolve around how ChatGPT connects with external tools and data sources. For example, one flaw lets an attacker embed hidden instructions inside documents or webpages (“shadow instructions”), and when ChatGPT processes them it ends up executing actions the user didn’t intend, such as leaking information. Other techniques allow attackers to wire in prompts silently so that the system trusts malicious content and responds in harmful ways.

What’s especially concerning is that these are indirect attacks — the user doesn’t need to click a malicious link or even realize something is wrong. Simply interacting with ChatGPT under certain conditions can trigger the leak or manipulation. Some of the vulnerabilities even bypassed standard safety controls and “memory” protections built into the system.

For businesses using ChatGPT for sensitive work (e.g., internal documents, customer data, code review), this means additional risk. The fact that these models are getting more tightly integrated into workflows and tools makes the potential damage greater if not properly secured.

What you should do now

• Review any internal processes that involve ChatGPT or similar AI systems, especially where they handle confidential or regulated data.
• Limit or segregate the use of AI tools for sensitive workflows until you’re confident the vendor’s safety patches are applied.
• Educate your team that just because the assistant looks “safe” it doesn’t mean it’s immune — unusual outputs or unexpected behavior should trigger a review.
• Keep everything updated: ask your vendor about the latest security patches for their AI models and ask for proof of remediation.