OpenAI ChatGPT indirect prompt injection vulnerabilities GPT-4o/GPT-5 security flaw
Vulnerability
Summary
Hide ▲
Show ▼
OpenAI's ChatGPT has a newly disclosed set of indirect prompt injection flaws in GPT-4o and GPT-5 that could let an attacker steal data from users' memories and chat histories or trigger unintended actions.
Related Happenings
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/Service
H score10
First: 08.06.2026 17:00
Last: 08.06.2026 17:00
Sources 1
About this happening:
OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/ServiceAbout this happening: OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/Service
H score10
First: 06.06.2026 16:36
Last: 06.06.2026 16:36
Sources 1
About this happening:
**OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/ServiceAbout this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
Openew[.]app cloaked malware download portal
Malware Activity
H score26
First: 29.05.2026 21:21
Last: 29.05.2026 21:21
Sources 1
About this happening:
The **openew[.]app** malware-delivery activity now also uses **legitimate ChatGPT shared pages** as the first lure, with **Google ads** and **SEO poisoning** sending victims to a...
Openew[.]app cloaked malware download portal
Malware ActivityAbout this happening: The **openew[.]app** malware-delivery activity now also uses **legitimate ChatGPT shared pages** as the first lure, with **Google ads** and **SEO poisoning** sending victims to a...
OpenAI ChatGPT renderer Markdown link/image phishing security flaw
Vulnerability
H score16
First: 29.05.2026 21:07
Last: 29.05.2026 21:07
Sources 1
About this happening:
**ChatGPT** has a **response-renderer vulnerability** that turns summarized third-party pages into **live phishing links** and auto-fetched **attacker-hosted images** inside the t...
OpenAI ChatGPT renderer Markdown link/image phishing security flaw
VulnerabilityAbout this happening: **ChatGPT** has a **response-renderer vulnerability** that turns summarized third-party pages into **live phishing links** and auto-fetched **attacker-hosted images** inside the t...
AI chatbot cryptojacking campaign targeting high-performance GPU users
Campaign
H score51
First: 27.05.2026 10:45
Last: 27.05.2026 10:45
Sources 1
About this happening:
An active **cryptojacking campaign** is using **SEO poisoning** and, in some cases, **AI chatbot recommendations** to steer users toward malicious download pages for trusted utili...
AI chatbot cryptojacking campaign targeting high-performance GPU users
CampaignAbout this happening: An active **cryptojacking campaign** is using **SEO poisoning** and, in some cases, **AI chatbot recommendations** to steer users toward malicious download pages for trusted utili...
Timeline
-
05.11.2025 16:04 2 articles · 7mo ago
ChatGPT indirect prompt injection vulnerabilities disclosed
Initial DisclosureCybersecurity researchers disclosed seven indirect prompt injection vulnerabilities affecting OpenAI's ChatGPT, including GPT-4o and GPT-5, that could let an attacker manipulate model behavior and steal personal information from users' memories and chat histories. The findings included browsing-context, search-context, one-click, safety-bypass, conversation-injection, malicious-content-hiding, and memory-injection paths, and OpenAI has since addressed some of the issues.
Show sources
- Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data — thehackernews.com — 05.11.2025 16:04
- Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data — thehackernews.com — 05.11.2025 16:04