The vulnerability allows users to remove their secret data without the knowledge of the attackers and without using traditional attack methods. In this case, the attack is carried out by sending a specially created letter in which the agent is independent and gained access to the data without leaving any traces. This is the first known example of a server attack that uses AI-agent working as autonomous in the cloud.
Openai recognized the problem on June 18, 2025 and eliminated it on September 3. The attack emphasized the risks of AI’s autonomy, Saas integration and access to secret data that skipped standard security measures.
And together, experts revealed the same risk about Gmail Mail. The vulnerability allows computer pirates to play with identity hunting with personal data and Gmail accounts, with malicious commands.
The attackers move with the function of Chatgpt’s “deep research” function designed to analyze cloud services. With the help of this, the AI mechanism can perform commands of the remote operator and transmit names, addresses and phone numbers to the attackers. Users will also not notice data leaks.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
