Whisper Leak side-channel analysis on streaming LLM traffic
Technical Analysis
Summary
Hide ▲
Show ▼
Microsoft disclosed Whisper Leak, a side-channel attack that can infer sensitive prompt topics from encrypted TLS traffic in streaming LLM conversations, weakening the privacy value of HTTPS in this setting. The proof-of-concept uses packet sizes and inter-arrival times to classify prompt topics, with many tested models reportedly scoring above 98%. The exposure matters for users and enterprises because a passive observer on an ISP, local network, or shared Wi‑Fi path could flag monitored topics without decrypting content. OpenAI, Mistral, Microsoft, and xAI have deployed mitigations, including adding random variable-length text to responses.
Related Happenings
Apple and Google Messages beta rollout of cross-platform E2EE RCS
Security Tool/Service
First: 12.05.2026 16:00
Last: 12.05.2026 16:00
Sources 1
About this happening:
Apple and Google have begun a **beta rollout** of **end-to-end encrypted RCS** between **iPhone** and **Android** devices, materially reducing carrier and in-transit visibility fo...
Apple and Google Messages beta rollout of cross-platform E2EE RCS
Security Tool/ServiceAbout this happening: Apple and Google have begun a **beta rollout** of **end-to-end encrypted RCS** between **iPhone** and **Android** devices, materially reducing carrier and in-transit visibility fo...
Widespread exposure and misconfiguration in self-hosted AI infrastructure
Target Trend
First: 05.05.2026 13:30
Last: 05.05.2026 13:30
Sources 1
About this happening:
A large-scale measurement found **self-hosted AI infrastructure** was being deployed with **widespread exposure and no authentication**, creating a broad risk of data theft, workf...
Widespread exposure and misconfiguration in self-hosted AI infrastructure
Target TrendAbout this happening: A large-scale measurement found **self-hosted AI infrastructure** was being deployed with **widespread exposure and no authentication**, creating a broad risk of data theft, workf...
NCSC-UK joint advisory on covert botnets and proxy networks
Public Sector Action
First: 23.04.2026 15:28
Last: 23.04.2026 15:28
Sources 1
About this happening:
**NCSC-UK** and partner agencies issued a **joint advisory** warning that **China-nexus hackers** are using **hijacked consumer devices** as covert proxy networks to hide maliciou...
NCSC-UK joint advisory on covert botnets and proxy networks
Public Sector ActionAbout this happening: **NCSC-UK** and partner agencies issued a **joint advisory** warning that **China-nexus hackers** are using **hijacked consumer devices** as covert proxy networks to hide maliciou...
Storm infostealer server-side decryption activity
Malware Activity
First: 02.04.2026 17:15
Last: 02.04.2026 17:15
Sources 1
About this happening:
The **Storm** infostealer now steals **browser credentials**, **session cookies**, and **crypto wallets** and forwards them to attacker infrastructure for **server-side decryption...
Storm infostealer server-side decryption activity
Malware ActivityAbout this happening: The **Storm** infostealer now steals **browser credentials**, **session cookies**, and **crypto wallets** and forwards them to attacker infrastructure for **server-side decryption...
Proton Meet launches privacy-focused encrypted conferencing service
Security Tool/Service
First: 01.04.2026 01:42
Last: 01.04.2026 01:42
Sources 1
About this happening:
**Proton Meet** launched as a **privacy-focused video conferencing service**, adding **end-to-end encrypted** calls for users who want an alternative to mainstream meeting platfor...
Proton Meet launches privacy-focused encrypted conferencing service
Security Tool/ServiceAbout this happening: **Proton Meet** launched as a **privacy-focused video conferencing service**, adding **end-to-end encrypted** calls for users who want an alternative to mainstream meeting platfor...
Timeline
-
08.11.2025 16:29 2 articles · 6mo ago
Microsoft discloses Whisper Leak topic-inference attack on streaming LLM traffic
Initial DisclosureMicrosoft disclosed Whisper Leak, a side-channel attack against streaming-mode language models that can let a passive observer of encrypted TLS traffic infer whether a user's prompt matches a sensitive topic even when the exchange uses HTTPS. Microsoft said a proof-of-concept classifier used packet-size and inter-arrival-time patterns with LightGBM, Bi-LSTM, and BERT, and that many tested models from Mistral, xAI, DeepSeek, and OpenAI scored above 98%; following responsible disclosure, OpenAI, Mistral, Microsoft, and xAI deployed mitigations, including adding a random sequence of text of variable length to each response.
Show sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29