Researchers Hack ChatGPT Memories and Web Search Features

Tenable researchers recently discovered seven new ChatGPT vulnerabilities and attack techniques that can be exploited for data theft and other malicious purposes.

The attack methods are related to several features. One of them is the ‘bio’ feature, also known as ‘memories’, which enables ChatGPT to remember the user’s details and preferences across chat sessions.

Another feature is the ‘open_url’ command-line function, which is used by the AI model to access and render the content of a specified website address. This function leverages SearchGPT, a different LLM that specializes in browsing the web, which has limited capabilities and no access to the user’s memories. SearchGPT provides its findings to ChatGPT, which then analyzes them and shares the relevant information with the user.

Tenable researchers also targeted the ‘url_safe’ endpoint, which is designed to check whether a URL is safe before showing it to the user.

First of all, the ...