Precautionary Advisory: ShadowLeak Vulnerability in AI Assistant
Radware has disclosed a critical zero-click vulnerability called ShadowLeak, affecting AI assistants like ChatGPT when connected to enterprise systems (e.g., Gmail, web browsing). This exploit enables attackers to exfiltrate (extract) sensitive data – such as Personally Identifiable Information (PII), Protected Health Information (PHI), legal strategy, or credentials – without any user interaction.

Recommendations:
- AI agents should not be treated as passive tools – proper due diligence, such as a Data Processing Impact Assessment (DPIA), should be done prior to engaging AI agents for task automation
- The Data Processing Agreement (DPA) (aka Vendor Due Diligence) should include a new section on Prompt-Injection Resilience Testing
- All inbound HTML should be flattened to plain text where feasible before submitting it to the Large Language Model (LLM) / AI agent for processing
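
One way to implement the last recommendation, as an added example that is not from Radware or the original advisory: a Python flattener that keeps only text a reader would see, since plain tag-stripping would carry hidden markup content into the prompt. The names `Flattener` and `flatten_html`, the set of hidden-style heuristics and the sample message are assumptions made for this sketch.

```python
import re
from html.parser import HTMLParser

# Assumed policy for this sketch: drop anything a human reader would not see.
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}
DROP = {"script", "style", "head", "title", "template", "noscript"}
BLOCK = {"p", "div", "li", "tr", "table", "h1", "h2", "h3", "h4", "h5", "h6"}
HIDDEN_CSS = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|"
                        r"(font-size|opacity)\s*:\s*0(?![.\d])", re.I)

class Flattener(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.skip = [], []   # skip: open tags of a dropped subtree

    def handle_starttag(self, tag, attrs):
        if tag in VOID:                  # void tags never get an end tag
            if tag == "br" and not self.skip:
                self.parts.append("\n")
            return
        a = dict(attrs)
        hidden = tag in DROP or "hidden" in a or HIDDEN_CSS.search(a.get("style") or "")
        if self.skip or hidden:
            self.skip.append(tag)
        elif tag in BLOCK:
            self.parts.append("\n")

    def handle_endtag(self, tag):
        if tag in self.skip:             # close the subtree up to this tag
            del self.skip[len(self.skip) - 1 - self.skip[::-1].index(tag):]
        elif not self.skip and tag in BLOCK:  # stray end tags never un-hide text
            self.parts.append("\n")

    def handle_data(self, data):         # comments are dropped by default
        if not self.skip:
            self.parts.append(data)

def flatten_html(html):
    parser = Flattener()
    parser.feed(html)
    parser.close()
    text = re.sub(r"[ \t\r\f\v]+", " ", "".join(parser.parts))
    return "\n".join(ln.strip() for ln in text.split("\n") if ln.strip())

# Constructed sample message, not taken from the advisory.
SAMPLE = ('<head><style>p{color:red}</style></head><p>Hi team,<br>agenda attached.</p>'
          '<div style="display:none">HIDDEN <img src="x.png"> still hidden</div>'
          '<span style="font-size:0px">TINY</span><!-- COMMENT --><p>Regards &amp; thanks</p>')
```

The inline-style checks are heuristics: content hidden by other means, such as external stylesheets or text coloured to match its background, needs a rendering-based check.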