Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenAI ChatGPT security update for prompt exfiltration flaw

Security Patch Release
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

OpenAI deployed a security update for ChatGPT on February 20, closing a flaw that could let a single malicious prompt covertly exfiltrate prompts, messages, uploaded files, and other sensitive content. The issue mattered because the attack path could bypass normal guardrails and move data out of ChatGPT’s isolated runtime. Researchers also said the weakness could expose users to remote code execution risk.

Related Happenings

Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files

Technical Analysis
H score22 First: 08.07.2026 14:21 Last: 08.07.2026 14:21 Sources 1

About this happening: Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...

OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths

Security Tool/Service
H score10 First: 06.06.2026 16:36 Last: 06.06.2026 16:36 Sources 1

About this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...

OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation

Security Tool/Service
H score25 First: 12.05.2026 09:55 Last: 12.05.2026 09:55 Sources 1

About this happening: OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
H score62 First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

OpenAI Codex Security rolls out as a research-preview vulnerability-finding agent

Security Tool/Service
H score14 First: 07.03.2026 18:28 Last: 07.03.2026 18:28 Sources 1

About this happening: **OpenAI** began rolling out **Codex Security** in **research preview**, adding an AI security agent that can **find, validate, and propose fixes** for vulnerabilities. The rollou...

Timeline

  1. 30.03.2026 03:00 1 articles · 3mo ago

    Check Point discloses ChatGPT prompt exfiltration flaw

    Initial Disclosure

    Check Point publicly described a ChatGPT vulnerability in which a single malicious prompt could turn a normal conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content through a DNS side channel, while also warning that the weakness could enable remote code execution.

    Show sources
  2. 20.02.2026 02:00 2 articles · 4mo ago

    OpenAI deploys ChatGPT security update

    Mitigation Patch Update

    OpenAI deployed a security update for ChatGPT after researchers reported a flaw that let a single malicious prompt abuse a hidden DNS side channel from ChatGPT’s isolated execution runtime to covertly exfiltrate prompts, messages, uploaded files, and other sensitive content, with remote code execution also possible.

    Show sources