Find notable cyber news and cases, enriched with sources, timelines, and signals.

ChatGPT/SearchGPT prompt injection and data exfiltration weaknesses security flaw

Vulnerability
First reported
Last updated
Happening score
H score 1
1 unique sources, 1 articles

Summary

Hide ▲

Researchers uncovered seven weaknesses in OpenAI's ChatGPT/SearchGPT that could let an attacker use prompt injection and safety bypass techniques to steal private chat history and stored memories. The flaws affect how the system browses the web, opens URLs, and processes external content, widening the attack surface for users who rely on it for search and summarization. Researchers said the issues can be chained into complete attack paths, making the privacy risk materially more serious than a single isolated bug. The findings were disclosed to OpenAI in April and were reported publicly on 2025-11-06.

Related Happenings

OpenAI ChatGPT Atlas BioShocking fix

Advisory/Mitigation
H score34 First: 01.07.2026 00:50 Last: 01.07.2026 00:50 Sources 1

About this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...

IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays

Technical Analysis
H score27 First: 30.06.2026 16:49 Last: 30.06.2026 16:49 Sources 1

About this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...

LayerX BioShocking prompt injection against agentic browsers

Technical Analysis
H score30 First: 24.06.2026 19:05 Last: 24.06.2026 19:05 Sources 1

About this happening: Researchers demonstrated **BioShocking**, a prompt-injection technique that pushed **six agentic browsers and plugins** past guardrails and made them **copy login credentials** fo...

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability
H score15 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...

OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths

Security Tool/Service
H score10 First: 06.06.2026 16:36 Last: 06.06.2026 16:36 Sources 1

About this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...

Timeline

  1. 06.11.2025 12:00 2 articles · 8mo ago

    Tenable discloses seven ChatGPT/SearchGPT weaknesses

    Initial Disclosure

    Researchers disclosed seven weaknesses in OpenAI's ChatGPT and SearchGPT that can be chained to exfiltrate private information from a user's chat history and stored memories, using indirect prompt injection, crafted chat URLs such as https://chatgpt.com/?q={Prompt}, poisoned search results, blog comments, and Bing tracking links to bypass safety filters and sustain access; the issues were reported to OpenAI in April and publicly described on 2025-11-06.

    Show sources