A critical vulnerability in OpenAI’s ChatGPT Connectors allows malicious actors to steal data from linked services like Google Drive using specially crafted, or ‘poisoned,’ documents. Researchers have demonstrated that attackers can exploit this flaw to extract sensitive information without requiring any user interaction, posing a serious threat to the security of data stored within these connected applications.
ChatGPT Connectors Expose Users to Zero-Click Data Theft via Poisoned Files
