‘Shadow Leak’ Attack Exfiltrates Gmail Data via ChatGPT’s Deep Research Agent—Now Patched
Security researchers demonstrated 'Shadow Leak', a prompt-injection attack that used OpenAI’s Deep Research agent inside ChatGPT to exfiltrate sensitive Gmail data without alerting users. Hidden instructions in an email triggered the agent to search for HR and personal messages and leak them via OpenAI’s cloud, evading typical defenses. Radware warned other connectors (Outlook, GitHub, Google Drive, Dropbox) could be targeted. OpenAI has patched the vulnerability.