{"id":229345,"date":"2026-03-30T14:05:00","date_gmt":"2026-03-30T18:05:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/30\/openai-patches-chatgpt-data-exfiltration-flaw-and-codex-github-token-vulnerability\/"},"modified":"2026-03-30T17:15:10","modified_gmt":"2026-03-30T21:15:10","slug":"openai-patches-chatgpt-data-exfiltration-flaw-and-codex-github-token-vulnerability","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/30\/openai-patches-chatgpt-data-exfiltration-flaw-and-codex-github-token-vulnerability\/","title":{"rendered":"OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/openai-patches-chatgpt-data.html\">OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/openai-patches-chatgpt-data.html\">https:\/\/thehackernews.com\/2026\/03\/openai-patches-chatgpt-data.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-30 14:05:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point.<\/p>\n<p>&#8220;A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content,&#8221; the cybersecurity company said in a report published today. &#8220;A backdoored GPT could abuse the same weakness to obtain access to user data without the user&#8217;s awareness or consent.&#8221;<\/p>\n<p>Following responsible disclosure, OpenAI addressed the issue on February 20, 2026. There is no evidence that the issue was ever exploited in a malicious context.<\/p>\n<p>While ChatGPT is built with various guardrails to prevent unauthorized data sharing or generate direct outbound network requests, the newly discovered vulnerability bypasses these safeguards entirely by exploiting a side channel originating from the Linux runtime used by the artificial intelligence (AI) agent for code execution and data analysis.<\/p>\n<p>Specifically, it abuses a hidden DNS-based communication path as a &#8220;covert transport mechanism&#8221; by encoding information into DNS requests to get around visible AI guardrails. What&#8217;s more, the same hidden communication path could be used to establish remote shell access inside the Linux runtime and achieve command execution.<\/p>\n<p>In the absence of any warning or user approval dialog, the vulnerability creates a security blind spot, with the AI system assuming that the environment was isolated.<\/p>\n<p>As an illustrative example, an attacker could convince a user to paste a malicious prompt by passing it off as a way to unlock premium capabilities for free or improve ChatGPT&#8217;s performance. The threat gets magnified when the technique is embedded inside custom GPTs, as the malicious logic could be baked into it as opposed to tricking a user into pasting a specially crafted prompt.<\/p>\n<p>&#8220;Crucially, because the model operated under the assumption&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/openai-patches-chatgpt-data.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability https:\/\/thehackernews.com\/2026\/03\/openai-patches-chatgpt-data.html Publish Date: 2026-03-30&#8230;<\/p>\n","protected":false},"author":1,"featured_media":229346,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSleuSc-PdTH7u0CSOLasljqQ-HO4A5sIqzvVeeVlGlqynCVYSdgU1c-7zoVavi1OADQiN3-_KS93PbMbmc4daNULqCXV21ChjnRUvqXIPT9mnLRCmbHdVy0YeaMnRuzGBAo8JoJPE5Wnzl3Sf0b_3d1-OV6VB3PKhKy_olGs9mi1YLIOJnAl7uQkYkdjI\/s1600\/cpr.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,27],"class_list":["post-229345","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229345"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=229345"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229345\/revisions"}],"predecessor-version":[{"id":229347,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229345\/revisions\/229347"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/229346"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=229345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=229345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=229345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}