Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

OpenAI ChatGPT security update for prompt exfiltration flaw

Security Patch Release
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

OpenAI deployed a security update for ChatGPT on February 20, closing a flaw that could let a single malicious prompt covertly exfiltrate prompts, messages, uploaded files, and other sensitive content. The issue mattered because the attack path could bypass normal guardrails and move data out of ChatGPT’s isolated runtime. Researchers also said the weakness could expose users to remote code execution risk.

Related Happenings

OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation

Security Tool/Service
First: 12.05.2026 09:55 Last: 12.05.2026 09:55 Sources 1

About this happening: OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...

Open Happening

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

Open Happening

OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent

Security Tool/Service
First: 07.03.2026 18:28 Last: 07.03.2026 18:28 Sources 1

About this happening: **OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...

Open Happening

OpenAI ChatGPT worldwide outage with loading errors

Service Disruption
First: 02.12.2025 21:52 Last: 02.12.2025 21:52 Sources 1

About this happening: OpenAI's **ChatGPT** is suffering a **worldwide outage**, leaving many users unable to get responses and risking stalled or lost conversations. Users are seeing **response-generat...

Open Happening

DeepSeek-R1 produces less secure code when prompts contain politically sensitive topics

Technical Analysis
First: 24.11.2025 13:07 Last: 24.11.2025 13:07 Sources 1

About this happening: **DeepSeek-R1** is generating **less secure code** when prompts include **politically sensitive topics**, raising the risk of **severe vulnerabilities** in AI-assisted development...

Open Happening

Timeline

  1. 30.03.2026 03:00 1 articles · 1mo ago

    Check Point discloses ChatGPT prompt exfiltration flaw

    Initial Disclosure

    Check Point publicly described a ChatGPT vulnerability in which a single malicious prompt could turn a normal conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content through a DNS side channel, while also warning that the weakness could enable remote code execution.

    Show sources
    Open in new tab
  2. 20.02.2026 02:00 2 articles · 3mo ago

    OpenAI deploys ChatGPT security update

    Mitigation Patch Update

    OpenAI deployed a security update for ChatGPT after researchers reported a flaw that let a single malicious prompt abuse a hidden DNS side channel from ChatGPT’s isolated execution runtime to covertly exfiltrate prompts, messages, uploaded files, and other sensitive content, with remote code execution also possible.

    Show sources
    Open in new tab