Cyberdudebivash

  Executive Summary ShadowLeak is a newly disclosed zero-click, service-side data-exfiltration flaw impacting ChatGPT’s Deep Research agent when it is connected to Gmail (and, by pattern, other connectors). A single crafted email with hidden HTML instructions can silently coerce the agent to leak inbox data to an attacker— without the user clicking anything and without traffic leaving the enterprise network , because the exfiltration occurs from OpenAI’s cloud infrastructure . OpenAI received a private report June 18, 2025 and fixed the issue in early August ; public write-ups were posted September 18–20, 2025. There’s no evidence of in-the-wild abuse as of disclosure. Radware +2 The Record from Recorded Future +2 Why it matters: Traditional controls (SEG, SWG, EDR) don’t see the leak; the agent acts as a trusted “delegate” and exfiltrates directly from the provider side. Treat agentic AI as privileged actors with scoped permissions, input sanitization, action logging, ...