January 9, 2026

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

Will LLMs ever be able to stamp out the root cause of these attacks? Possibly not.

TL;DR

  • Researchers have revived a previously patched ChatGPT vulnerability, naming the new exploit ZombieAgent.
  • ZombieAgent allows for surreptitious exfiltration of user data directly from ChatGPT servers and can plant persistent entries in the AI's long-term memory.
  • The vulnerability exploits the AI's inherent design to comply with user requests, making guardrails reactive and easily bypassed.
  • The attack works by embedding malicious instructions within content that the AI interprets as legitimate prompts, a class of vulnerability known as indirect prompt injection.
  • OpenAI has implemented mitigations for ZombieAgent by restricting the types of links ChatGPT will open, but the cycle of attack and mitigation is expected to continue.
  • Security experts state that guardrails are quick fixes and not fundamental solutions to prompt injection vulnerabilities.
