Profile
Security researchers have revealed that ChatGPT...
ChatGPT Tricked to Swipe Sensitive Data from Gmail Raises AI Security Alarm
September 21, 2025 -
2 minutes, 58 seconds
ChatGPT tricked to swipe sensitive data from Gmail raises AI security alarm
Security researchers have revealed that ChatGPT tricked to swipe sensitive data from Gmail isn’t just a hypothetical risk—it actually happened. The vulnerability has since been patched by OpenAI, but experts warn it highlights the darker side of outsourcing personal tasks to AI agents.
How ChatGPT Was Tricked
The exploit, dubbed Shadow Leak, was uncovered by security firm Radware. Researchers managed to manipulate ChatGPT’s Deep Research tool into plundering Gmail inboxes without a user ever realizing.
The trick hinged on AI agents—assistants that can act independently online, accessing emails, documents, and even calendars. While marketed as productivity boosters, these agents can become gateways for attackers once authorized.
The Prompt Injection Attack
Radware’s team used a prompt injection attack, a malicious instruction hidden within otherwise normal content. Once triggered, ChatGPT followed the attacker’s instructions as if they were legitimate.
What makes this method so dangerous is its invisibility. Hackers can hide prompts in plain sight—such as white text on a white background—making them nearly impossible for users to detect.
Why It Matters
This incident proves that AI tools, while powerful, are also high-value targets for hackers. Similar techniques have already been used in scams, fraudulent peer reviews, and even hijacking smart home devices. The concern is not just what happened this time, but what could happen next if attackers refine their methods.
OpenAI’s Response
OpenAI has already patched the vulnerability exploited in ChatGPT tricked to swipe sensitive data from Gmail, but the episode is a warning for the future of AI security. Researchers stress that completely preventing these types of exploits is nearly impossible without prior knowledge of how they work.
As AI agents continue to spread into workplaces and personal life, the line between convenience and risk gets thinner. Security experts argue that users need better safeguards, transparency, and awareness before giving AI unrestricted access to sensitive data.
This case is a reminder: while AI may save time, trust should not come at the expense of security.
Related Posts
Photos
Contact Information
Suggested Writers
-
2.4K articles
-
1.3K articles
-
34 articles
-
28 articles








Comment