Check Point Research discovered a hidden outbound communication channel in ChatGPT's isolated code execution runtime that could silently exfiltrate sensitive user data without approval or notification. This vulnerability allowed a malicious prompt or backdoored GPT to leak user messages, uploaded files, and even establish remote shell access via DNS tunneling, bypassing OpenAI's intended safeguards designed to restrict external data transfer. OpenAI confirmed the issue and deployed a fix, highlighting the importance of securing all communication paths in AI systems that handle sensitive information.
