Nigeria’s National Information Technology Development Agency (NITDA) has raised alarms regarding security vulnerabilities in OpenAI’s ChatGPT models, particularly GPT-4o and GPT-5. The agency’s advisory highlights seven critical flaws that allow attackers to inject malicious instructions into normal web content, potentially leading to serious data leaks. These threats can be executed during standard actions like browsing or summarizing data without direct user involvement. NITDA emphasized that attackers can exploit safety filter gaps and manipulate conversation contexts, causing injected content to persist across user sessions. Although OpenAI has patched some issues, the models still struggle to effectively differentiate between harmful and legitimate input. Consequently, users may face unintended consequences, including information leakage and behavioral manipulation. NITDA recommends that Nigerian users and organizations install updates promptly and limit unnecessary browsing features to mitigate risks. This advisory underscores the need for stronger security measures around AI systems to protect against vulnerabilities.
Source link
