Data Exfiltration

OpenAI Patches 'ShadowLeak' Flaw That Let ChatGPT's Deep Research Exfiltrate Gmail Data

The zero‑click server‑side prompt injection ran from OpenAI’s cloud, leaving typical client and gateway defenses blind.