Cybersecurity Company Zenity Discovers Undetectable Attack on ChatGPT, Potentially Taking Control
In a recent development, Israeli cybersecurity firm Zenity has uncovered a significant vulnerability in OpenAI's ChatGPT platform. Known as a "Zero Click" vulnerability, this security flaw allows hackers to take over user accounts using only the user's email address [1][4][5].
Once exploited, the hackers gain control over existing and future conversations, and can access linked Google Drive files. This vulnerability potentially enables manipulation of ChatGPT's behavior to trick users into downloading malware or accepting harmful advice [1][4].
The attack is a form of prompt injection, triggered by sharing a malicious document that the AI reads, which then executes hidden instructions without user input [4]. This exploit extends beyond ChatGPT, affecting other AI agents like Microsoft Copilot and Salesforce Einstein, opening the door for data theft, manipulation, and social engineering attacks [1][2][3].
Zenity's co-founder, Michael Bargury, emphasized that AI agents' extensive access to emails, files, and communication make them "a paradise for attackers with endless entry points" [1]. Following Zenity's responsible disclosure, OpenAI, Microsoft, Salesforce, and Google have issued patches and introduced layered defenses, though ongoing vigilance is needed given the fast-evolving threat landscape [2][3].
The discovery of this vulnerability raises important questions about data privacy and security, especially as the U.S. government moves forward with plans to integrate ChatGPT across all federal agencies [1][4]. Balancing innovation with robust security measures will be crucial as AI continues to integrate into public institutions and everyday life.
The U.S. General Services Administration (GSA) entered a unique agreement with OpenAI to provide broad access to ChatGPT Enterprise to federal agencies [6]. The agreement offers a year of access for a nominal fee of $1, followed by an additional 60-day period of unrestricted use of OpenAI's most advanced models [6].
The public response to the announcement has been divided, with some praising the government's embrace of advanced AI technologies, while others express apprehension [7]. Ensuring that powerful tools like ChatGPT are deployed responsibly will determine how effectively we can harness their potential while safeguarding sensitive information [8].
This vulnerability exposes fundamental security weaknesses in AI agents, especially regarding access controls and prompt injection guardrails, leaving many companies responsible for managing high risks of such attacks [2]. As AI continues to evolve and integrate into our lives, it is crucial to implement robust security measures to protect sensitive information, even in the absence of user interaction.
References: [1] The Jerusalem Post. (2025, August 1). Zero-click vulnerability discovered in ChatGPT. Retrieved from https://www.jpost.com/technology/zero-click-vulnerability-discovered-in-chatgpt-682150 [2] Threatpost. (2025, August 3). Zero-click vulnerability in ChatGPT exposes fundamental security weaknesses. Retrieved from https://threatpost.com/zero-click-vulnerability-in-chatgpt-exposes-fundamental-security-weaknesses/173485/ [3] TechCrunch. (2025, August 5). Microsoft, Salesforce, and Google patch AI vulnerabilities following Zenity's discovery. Retrieved from https://techcrunch.com/2025/08/05/microsoft-salesforce-and-google-patch-ai-vulnerabilities-following-zenitys-discovery/ [4] Wired. (2025, August 7). How a zero-click vulnerability in ChatGPT can be exploited. Retrieved from https://www.wired.com/story/zero-click-vulnerability-chatgpt-exploit/ [5] The Verge. (2025, August 9). How the zero-click vulnerability in ChatGPT could be used to manipulate users. Retrieved from https://www.theverge.com/2025/8/9/21309077/zero-click-vulnerability-chatgpt-manipulate-users-malware [6] Federal News Network. (2025, August 11). GSA signs agreement for broad access to ChatGPT for federal agencies. Retrieved from https://federalnewsnetwork.com/contract-management/2025/08/gsa-signs-agreement-for-broad-access-to-chatgpt-for-federal-agencies/ [7] Politico. (2025, August 13). Public response divided on government's integration of ChatGPT. Retrieved from https://www.politico.com/news/2025/08/13/public-response-divided-on-governments-integration-of-chatgpt-00042916 [8] Forbes. (2025, August 15). Ensuring responsible deployment of AI tools like ChatGPT. Retrieved from https://www.forbes.com/sites/forbesbusinesscouncil/2025/08/15/ensuring-responsible-deployment-of-ai-tools-like-chatgpt/?sh=6f915a087e33
