The National Information Technology Development Agency (NITDA) has issued an advisory on new vulnerabilities in ChatGPT that could expose users to data-leakage attacks.
According to the advisory, researchers discovered seven vulnerabilities affecting GPT-4o and GPT-5 models that allow attackers to manipulate ChatGPT through indirect prompt injection.
The agency explained that hidden instructions placed inside webpages, comments, or URLs can trigger unintended commands during regular browsing, summarisation, or search actions.
“By embedding hidden instructions in webpages, comments, or crafted URLs, attackers can cause ChatGPT to execute unintended commands simply through normal browsing, summarization, or search actions,” they stated.
The warning followed rising concerns about AI-powered tools interacting with unsafe web content and the growing dependence on ChatGPT for business, research, and public-sector tasks.
NITDA added that some flaws allow the bypassing of safety controls by masking malicious content behind trusted domains.
Other weaknesses take advantage of markdown rendering bugs, enabling hidden instructions to pass undetected.
It explained that in severe cases, attackers can poison ChatGPT’s memory, forcing the system to retain malicious instructions that influence future conversations
They stated that while OpenAI has fixed parts of the issue, LLMs still struggle to reliably separate genuine user intent from malicious data.
The Agency warned that these vulnerabilities could lead to a range of cybersecurity threats, including:
- Unauthorised actions carried out by the model
- Unintended exposure of user information
- Manipulated or misleading outputs
- Long-term behavioural changes caused by memory poisoning
- CERRT.NG added that users may unknowingly trigger these attacks without clicking or interacting with anything, especially when ChatGPT processes search results or webpages containing hidden malicious instructions.
It advised Nigerians, businesses, and government institutions to adopt several precautionary steps to stay safe. These include limiting or disabling the browsing and summarisation of untrusted websites within enterprise environments and enabling features like browsing or memory only when necessary.
It also recommended regular updates to deployed GPT-4o and GPT-5 models to ensure known vulnerabilities are patched.
Culled: Channels