Accommodation Africa
MENU
    • Loading ...
    • Loading ...
  • Loading ...
  • Loading ...
Main Pages
Top Cities
Top Regions
Top Districts
Top Countries
booking
viator
hotel

Accommodation Africa

Latest News

AI flaw leaked Gmail data before OpenAI patch

19 Oct 2025 By foxnews

AI flaw leaked Gmail data before OpenAI patch

Accommodation Africa introduces

A new cybersecurity warning reveals how hackers briefly weaponized ChatGPT's Deep Research tool. The attack, called ShadowLeak, allowed them to steal Gmail data through a single invisible prompt - no clicks, no downloads and no user action required.

Researchers at Radware discovered the zero-click vulnerability in June 2025. OpenAI patched it in early August after being notified, but experts warn that similar flaws could reappear as artificial intelligence (AI) integrations expand across popular platforms like Gmail, Dropbox and SharePoint.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my CYBERGUY.COM/NEWSLETTER

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Attackers embedded hidden instructions into an email using white-on-white text, tiny fonts or CSS layout tricks. The email looked completely harmless. But when a user later asked ChatGPT's Deep Research agent to analyze a Gmail inbox, the AI unknowingly executed the attacker's commands.

The agent then used its built-in browser tools to exfiltrate sensitive data to an external server, all within OpenAI's own cloud environment, beyond the reach of antivirus or enterprise firewalls.

Unlike previous prompt-injection attacks that ran on the user's device, ShadowLeak unfolded entirely in the cloud, making it invisible to local defenses.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

The Deep Research agent was designed to perform multistep research and summarize online data, but its wide access to third-party apps like Gmail, Google Drive and Dropbox also opened the door to abuse.

Radware researchers said the attack involved encoding personal data in Base64 and appending it to a malicious URL, disguised as a "security measure." Once sent, the agent believed it was acting normally.

The real danger lies in the fact that any connector could be exploited the same way if attackers manage to hide prompts in analyzed content.

"The user never sees the prompt. The email looks normal, but the agent follows the hidden commands without question," the researchers explained.

In a separate experiment, security firm SPLX showed another weakness: ChatGPT agents could be tricked into solving CAPTCHAs by inheriting a manipulated conversation history. Researcher Dorian Schultz noted that the model even mimicked human cursor movements, bypassing tests meant to block bots.

These incidents highlight how context poisoning and prompt manipulation can silently break AI safeguards.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

Even though OpenAI has patched the ShadowLeak flaw, it's smart to stay proactive. Cybercriminals are always looking for new ways to exploit AI agents and integrations. So, taking these precautions now can help keep your accounts and personal data secure.

Every connection is a potential entry point. Disable any integrations you're not actively using, such as Gmail, Google Drive or Dropbox. Fewer linked apps mean fewer ways for hidden prompts or malicious scripts to access your information.

Limit how much of your personal data is floating around the web. Data removal services can automatically remove your private details from people search sites and data broker databases, reducing what attackers can find and use against you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Treat every email, attachment or document with caution. Don't ask AI tools to analyze content from unverified or suspicious sources. Hidden text, invisible code or layout tricks could trigger silent actions that expose your private data.

Stay alert for updates from OpenAI, Google, Microsoft and other platforms. Security patches close newly discovered vulnerabilities before hackers can exploit them. Turn on automatic updates so you're always protected without having to think about it. 

A strong antivirus program adds another wall of defense. These tools detect phishing links, hidden scripts and AI-driven exploits before they cause harm. Schedule regular scans and keep your protection up to date.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

Think of your security like an onion; more layers make it tougher to breach. Keep your browser, operating system and endpoint security software fully updated. Add real-time threat detection and email filtering to block malicious content before it lands in your inbox.

AI is evolving faster than most security systems can keep up with. Even when companies move quickly to patch vulnerabilities, clever attackers find new ways to exploit integrations and context memory. Staying alert and limiting what your AI agents can access is your best defense.

Would you still trust an AI assistant with access to your personal email after learning how easily it can be tricked? Let us know by writing to us at Cyberguy.com..

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

Are you looking for a holiday? Get special deals.

 

More News

Booking.com
Teens turning to AI for love and comfort
Teens turning to AI for love and comfort
Discord confirms vendor breach exposed user IDs in ransom plot
Discord confirms vendor breach exposed user IDs in ransom plot
Vegas bets big on family tourism to revive slumping numbers - but not everyone's sold
Vegas bets big on family tourism to revive slumping numbers - but not everyone's sold
New Orleans couple digs up ancient Roman artifact in backyard, sets off worldwide mystery
New Orleans couple digs up ancient Roman artifact in backyard, sets off worldwide mystery
Jaguars' Travis Hunter notches first career touchdown vs Rams
Jaguars' Travis Hunter notches first career touchdown vs Rams
Trump calls Democrats 'kamikaze pilots' as shutdown standoff hits third week with no end in sight
Trump calls Democrats 'kamikaze pilots' as shutdown standoff hits third week with no end in sight
FBI investigates hunting stand with sight line to Trump's Air Force One exit area at Palm Beach airport
FBI investigates hunting stand with sight line to Trump's Air Force One exit area at Palm Beach airport
Matthew Stafford throws 5 TD passes as Rams crush Jaguars
Matthew Stafford throws 5 TD passes as Rams crush Jaguars
Bible-based diet could unlock the secret to lasting wellness, experts say
Bible-based diet could unlock the secret to lasting wellness, experts say
3 killed in US strike on Colombian ELN vessel smuggling narcotics, Hegseth says
3 killed in US strike on Colombian ELN vessel smuggling narcotics, Hegseth says
Chiefs' Rashee Rice scores first TD in return from suspension
Chiefs' Rashee Rice scores first TD in return from suspension
BTK killer's daughter calls him 'subhuman' after final prison confrontation ends relationship
BTK killer's daughter calls him 'subhuman' after final prison confrontation ends relationship
Jets' Justin Fields hit hard by Panthers defender, sparks brief scrap
Jets' Justin Fields hit hard by Panthers defender, sparks brief scrap
Kim Kardashian covers entire face with 'strange' nude mask at Academy Museum Gala, sparks online mystery
Kim Kardashian covers entire face with 'strange' nude mask at Academy Museum Gala, sparks online mystery
Karine Jean-Pierre writes she couldn't 'stomach' being a Democrat anymore after party's treatment of Biden
Karine Jean-Pierre writes she couldn't 'stomach' being a Democrat anymore after party's treatment of Biden
Florida fires football coach Billy Napier
Florida fires football coach Billy Napier
Johnson calls FBI's 'alarming' arrest of alleged Hamas terrorist proof of Biden immigration failures
Johnson calls FBI's 'alarming' arrest of alleged Hamas terrorist proof of Biden immigration failures
Jesús Montero, former Yankees top prospect and Mariners player, dead at 35
Jesús Montero, former Yankees top prospect and Mariners player, dead at 35
'Untold damage': Global assisted suicide movement targets children
'Untold damage': Global assisted suicide movement targets children
George Santos vows not to 'disappoint' Trump after surprise release, says he found God in prison
George Santos vows not to 'disappoint' Trump after surprise release, says he found God in prison
Latest News
ACCOMMODATION AFRICA

Promote Your Business with Accommodation Africa.

Providing first class business listings that deliver results for both users and businesses. Please Press Claim Listing if you are the business owner.

TOP REGIONS

All Regions
Kruger National Park
Drakensberg
East London
Midlands Meander
Port Elizabeth
Johannesburg
Pretoria
Hluhluwe Imfolozi Park
Mpumalanga
Port Shepstone
Kwazulu Natal
Glencoe
Benoni
Rustenburg
Vereeniging
Brits
Parys
George
Port St Johns
Durban South Coast

TOP CITIES

All Cities
Cape Town
Johannesburg
Pretoria
Ballitoville
Plettenberg Bay
Knysna
Hermanus
Port Elizabeth
Margate
Mossel Bay
Durban

TOP DISTRICTS

All Districts

OUR PARTNERS

Find Your Dubai
Accommodation Chicago
2032 Olympic Games
Accommodation Los Angeles
Accommodation Philadelphia
Accommodation Indiana
Accommodation Missouri
Accommodation Ohio
Accommodation Florida
Accommodation Alabama
Accommodation Michigan
Accommodation Arizona
Accommodation Massachusetts
Accommodation Texas
Hotels Find
Accommodation Rooms
Accommodation San Jose
Accommodation Seattle
Orlando Tourists
Accommodation Dallas
Accommodation Denver
Accommodation Houston
Accommodation New York
Accommodation Deal
Accommodation Abudhabi
Accommodation South Korea
Accommodation Dubai
Tourism UAE
Accommodation Bahrain
Tourism Manager
Tourism Listing
Tourism Bookings NZ
Tourism Bookings
Accommodation New Zealand
USA Australia UK India Germany China France

copyright © 2025 Accommodation Africa.   All rights reserved.

Accommodation Africa Listings

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z