OpenAI has addressed a significant security vulnerability in ChatGPT that exposed user email data, particularly impacting Gmail accounts. Discovered by Radware researchers, this flaw, identified in the AI agent DeepReseach, could have allowed hackers to steal sensitive information without user interaction. Fortunately, no signs of exploitation were found, and OpenAI confirmed they patched the issue on September 3. An OpenAI spokesperson emphasized their ongoing commitment to enhancing safety standards against such exploits. The incident highlights how AI agents can inadvertently become vectors for data theft. Concurrently, Google is advancing autonomous systems to detect threats in real-time, showcasing the evolving landscape of cybersecurity. This shift raises critical questions for chief information security officers (CISOs) and chief financial officers (CFOs) about adopting AI-first threat prevention tools that offer faster, cost-effective security measures. As the cybersecurity landscape changes, the accountability and effectiveness of AI systems are paramount for future strategies.
Source link
