Tag: openai

OpenAI stemmt sich gegen die Forderung, Millionen von ChatGPT-Konversationen freizugeben

Nov 14, 2025 5:49 PM

Tags: ai, chatgpt, cyber, openai, software

OpenAI ist in eine große Kontroverse verstrickt, weil man möchte, dass die Firma Millionen von ChatGPT-Konversationen herausrückt. Das KI-Unternehmen wehrt sich jedoch bislang dagegen. Thomas Boele, Regional Director Sales Engineering, CER / DACH bei Check Point Software Technologies, gibt seine Einschätzung aus der Sicht eines etablierten Herstellers von Cyber-Sicherheitsprodukten ab. ‘Beim Datenschutz geht es nicht…
OpenAI’s viability called into question by reported inference spending with Microsoft

Nov 14, 2025 4:49 PM

Tags: ai, finance, microsoft, openai

Microsoft internal financials also suggest AI flag bearer is nowhere close to $13 billion in revenues First seen on theregister.com Jump to article: www.theregister.com/2025/11/12/openai_spending_report/
OpenAI’s viability called into question by reported inference spending with Microsoft

Nov 14, 2025 4:49 PM

Tags: ai, finance, microsoft, openai

Microsoft internal financials also suggest AI flag bearer is nowhere close to $13 billion in revenues First seen on theregister.com Jump to article: www.theregister.com/2025/11/12/openai_spending_report/
OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data

Nov 13, 2025 2:49 PM

Tags: cyber, data, exploit, openai, vulnerability

Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be the most effective extraction method. Sora 2, OpenAI’s state-of-the-art multimodal model for generating short video content, was thought to keep its system prompt secure. However, researchers discovered that by chaining…
Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio

Nov 12, 2025 10:49 PM

Tags: ai, flaw, openai, vulnerability

AI security firm Mindgard discovered a flaw in OpenAI’s Sora 2 model, forcing the video generator to leak… First seen on hackread.com Jump to article: hackread.com/mindgard-sora-2-vulnerability-prompt-via-audio/
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks

Nov 12, 2025 7:49 PM

Tags: deep-fake, group, openai, risk

Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. First seen on cyberscoop.com Jump to article: cyberscoop.com/sora-2-deepfake-letter-public-citizen-openai/
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks

Nov 12, 2025 7:49 PM

Tags: deep-fake, group, openai, risk

Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. First seen on cyberscoop.com Jump to article: cyberscoop.com/sora-2-deepfake-letter-public-citizen-openai/
Wie ChatGPT sich selbst eine Prompt Injection zufügt

Nov 12, 2025 6:49 PM

Tags: access, ai, chatgpt, cyberattack, endpoint, injection, Internet, LLM, microsoft, openai, tool, vulnerability

Forscher haben neue Methoden für Angriffe über ChatGPT aufgedeckt.Forscher des Sicherheitsunternehmens Tenable haben sieben neue Möglichkeiten entdeckt, wie Angreifer ChatGPT dazu bringen können, private Informationen aus den Chat-Verläufen der Nutzer preiszugeben. Bei den meisten dieser Angriffe handelt es sich um indirekte Prompt Injections, die die Standard-Tools und -funktionen von ChatGPT ausnutzen. Etwa die Fähigkeit, den…
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices

Nov 11, 2025 12:20 PM

Tags: ai, best-practice, chatgpt, data, openai, privacy, risk

What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices

Nov 11, 2025 12:20 PM

Tags: ai, best-practice, chatgpt, data, openai, privacy, risk

What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Researchers trick ChatGPT into prompt injecting itself

Nov 10, 2025 11:22 AM

Tags: attack, chatgpt, data, endpoint, injection, leak, LLM, malicious, monitoring, openai, phishing, unauthorized, vulnerability

Conversation injection and stealthy data exfiltration: Because ChatGPT receives output from SearchGPT after the search model processes content, Tenable’s researchers wondered what would happen if SearchGPT’s response itself contained a prompt injection. In other words, could they use a website to inject a prompt that instructs SearchGPT to inject a different prompt into ChatGPT, effectively…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Nov 9, 2025 12:20 PM

Tags: api, backdoor, control, defense, international, malware, military, openai

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Assistants API for command and control Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector Gootloader Returns: What Goodies Did They Bring? Ransomvibing appears in VS Code extensions…
OpenAI plans to release GPT-5.1, GPT-5.1 Reasoning, and GPT-5.1 Pro

Nov 9, 2025 12:19 AM

Tags: openai

OpenAI is preparing the GPT-5.1 family for public rollout. This includes GPT-5.1 (base), GPT-5.1 Reasoning, and GPT-5.1 Pro for those who pay a $200 monthly subscription. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/openai-plans-to-release-gpt-51-gpt-51-reasoning-and-gpt-51-pro/
ChatGPT und Google-Suche: Private KI-Prompts in Google Search Console gefunden

Nov 8, 2025 3:19 PM

Tags: ai, chatgpt, google, openai

Der Verdacht, dass OpenAI die Google-Suche für ChatGPT-Anfragen verwendet, wird durch diese Erkenntnisse erhärtet. First seen on golem.de Jump to article: www.golem.de/news/chatgpt-und-google-suche-private-ki-prompts-in-google-search-console-gefunden-2511-201985.html
ChatGPT und Google-Suche: Private KI-Prompts in Google Search Console gefunden

Nov 8, 2025 3:19 PM

Tags: ai, chatgpt, google, openai

Der Verdacht, dass OpenAI die Google-Suche für ChatGPT-Anfragen verwendet, wird durch diese Erkenntnisse erhärtet. First seen on golem.de Jump to article: www.golem.de/news/chatgpt-und-google-suche-private-ki-prompts-in-google-search-console-gefunden-2511-201985.html
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
AI Browsers That Beat Paywalls by Imitating Humans

Nov 6, 2025 4:19 PM

Tags: ai, cyber, intelligence, microsoft, openai

The emergence of AI-powered browsers represents a significant shift in how artificial intelligence interacts with web content. However, it has also introduced unprecedented challenges for digital publishers and content creators. Last week, OpenAI released Atlas, joining a growing wave of AI browsers including Perplexity’s Comet and Microsoft’s Copilot mode in Edge, that aim to transform…
AI Browsers That Beat Paywalls by Imitating Humans

Nov 6, 2025 4:19 PM

Tags: ai, cyber, intelligence, microsoft, openai

The emergence of AI-powered browsers represents a significant shift in how artificial intelligence interacts with web content. However, it has also introduced unprecedented challenges for digital publishers and content creators. Last week, OpenAI released Atlas, joining a growing wave of AI browsers including Perplexity’s Comet and Microsoft’s Copilot mode in Edge, that aim to transform…
Do robots dream of secure networking? Teaching cybersecurity to AI systems

Nov 6, 2025 12:19 PM

Tags: ai, api, cisco, cybersecurity, intelligence, openai, threat

This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/do-robots-dream-of-secure-networking/
Do robots dream of secure networking? Teaching cybersecurity to AI systems

Nov 6, 2025 12:19 PM

Tags: ai, api, cisco, cybersecurity, intelligence, openai, threat

This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/do-robots-dream-of-secure-networking/
Schwachstelle im KI-Browser von OpenAI – Sicherheitslücke in ChatGPT Atlas erlaubt Übernahme von Nutzerkonten

Nov 6, 2025 8:19 AM

Tags: ai, bug, chatgpt, openai, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecke-chatgpt-atlas-warnung-a-e76b68af32bfe9fdc512ab7b0253c62c/