ChatGPT "Zero-Click" Hack: AI Turns Traitor

Posted: 2025-08-11 09:19:24 UTC

@Mario NawfalMarioNawfal

#Cybersecurity

#Vulnerability

#ChatGPT

#AIsecurity

#ZeroClickHack

#BlackHat2025

Read With Caution

This article contains some claims that remain unverified. While much of the content may be accurate, exercise care when relying on this information.

Full Thread

This article contains some claims that remain unverified. While much of the content may be accurate, exercise care when relying on this information.

Read With Caution

Verification Details

Status

In Progress

VerifiedPartially VerifiedFalse

Last Updated

2025-08-11 09:19:43 UTC

Verified By

Rollup News

TL;DR;

A "zero-click" hack allows hackers to hijack ChatGPT accounts using only an email address, without requiring any user interaction. This vulnerability also affects other AI platforms like Microsoft Copilot, Salesforce Einstein, and Google Gemini. While OpenAI quickly patched the issue, some vendors dismissed it as "intended behavior."

Key Impact Areas

ChatGPT accounts can be hijacked with just an email address.

Hackers can make AI push malware and leak sensitive data.

Microsoft Copilot, Salesforce Einstein, and Google Gemini have similar vulnerabilities.

Some vendors consider the vulnerability as "intended behavior."

Challenges

Vulnerability in AI platforms allowing unauthorized access.

Potential for malware distribution and data leaks.

Lack of consistent security standards across different AI vendors.

Dismissal of critical vulnerabilities as "intended behavior".

ChatGPT "Zero-Click" Hack: AI Turns Traitor

Read With Caution

Full Thread

Read With Caution

Verification Details

TL;DR;

Key Impact Areas

Challenges

Claims

Deliberation Map

Similar Rollups