OpenAI ChatGPT security update for prompt exfiltration flaw
Security Patch Release
Summary
Hide ▲
Show ▼
OpenAI deployed a security update for ChatGPT on February 20, closing a flaw that could let a single malicious prompt covertly exfiltrate prompts, messages, uploaded files, and other sensitive content. The issue mattered because the attack path could bypass normal guardrails and move data out of ChatGPT’s isolated runtime. Researchers also said the weakness could expose users to remote code execution risk.
Related Happenings
Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files
Technical Analysis
H score22
First: 08.07.2026 14:21
Last: 08.07.2026 14:21
Sources 1
About this happening:
Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...
Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files
Technical AnalysisAbout this happening: Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/Service
H score10
First: 06.06.2026 16:36
Last: 06.06.2026 16:36
Sources 1
About this happening:
**OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/ServiceAbout this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation
Security Tool/Service
H score25
First: 12.05.2026 09:55
Last: 12.05.2026 09:55
Sources 1
About this happening:
OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...
OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation
Security Tool/ServiceAbout this happening: OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
H score62
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent
Security Tool/Service
H score14
First: 07.03.2026 18:28
Last: 07.03.2026 18:28
Sources 1
About this happening:
**OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...
OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent
Security Tool/ServiceAbout this happening: **OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...
Timeline
-
30.03.2026 03:00 1 articles · 3mo ago
Check Point discloses ChatGPT prompt exfiltration flaw
Initial DisclosureCheck Point publicly described a ChatGPT vulnerability in which a single malicious prompt could turn a normal conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content through a DNS side channel, while also warning that the weakness could enable remote code execution.
Show sources
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01
-
20.02.2026 02:00 2 articles · 4mo ago
OpenAI deploys ChatGPT security update
Mitigation Patch UpdateOpenAI deployed a security update for ChatGPT after researchers reported a flaw that let a single malicious prompt abuse a hidden DNS side channel from ChatGPT’s isolated execution runtime to covertly exfiltrate prompts, messages, uploaded files, and other sensitive content, with remote code execution also possible.
Show sources
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01