A recent vulnerability in ChatGPT's calendar integration demonstrates how attackers can execute commands to steal sensitive information, such as emails, without user awareness. Researchers highlight that these types of AI-based attacks are not unique to ChatGPT and can impact various AI-enabled tools and enterprise systems. #ChatGPT #EdisonWatch
Key points
- The new ChatGPT Model Context Protocol (MCP) allows interaction with third-party services, increasing potential security risks.
- Attacks can be triggered through malicious calendar invites that contain jailbreak prompts targeting email data.
- Victims do not need to accept the calendar invite; simply asking ChatGPT to check the calendar can initiate the exploit.
- The same class of vulnerability affects other AI integrations, including tools like Gemini, Google Workspace, and Salesforce Einstein.
- EdisonWatch offers open-source solutions to mitigate AI attack vectors and improve security in enterprise AI deployments.
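A defender-side sketch of the scenario in the key points, added here as an illustration and not taken from the article, ChatGPT, or EdisonWatch: never-accepted external invites are withheld from the model's context, and once any third-party calendar text has been read, email tools require explicit user confirmation. The event fields, tool identifiers, and domains are assumptions made for this example.

```python
from dataclasses import dataclass

# All names below (fields, tool ids, domains) are assumptions for this example,
# not a real calendar or MCP schema. Sample events are constructed.
TRUSTED_DOMAINS = {"example.com"}
SENSITIVE_TOOLS = {"email.read", "email.search", "email.send"}

@dataclass
class Event:
    title: str
    organizer: str
    response_status: str  # "accepted" or "needsAction"
    description: str

SAMPLE_EVENTS = [
    Event("Standup", "alice@example.com", "accepted", "Daily sync"),
    Event("Invite", "sender@unknown.invalid", "needsAction", "<attacker-controlled text>"),
    Event("Vendor review", "bob@partner.invalid", "accepted", "Quarterly agenda"),
]

class Session:
    def __init__(self):
        self.tainted = False  # True once external text has entered the model context

    def calendar_context(self, events):
        """Build the calendar text handed to the model."""
        lines = []
        for ev in events:
            internal = ev.organizer.rsplit("@", 1)[-1].lower() in TRUSTED_DOMAINS
            if not internal and ev.response_status != "accepted":
                # Never-accepted external invite: withhold every sender-controlled field.
                lines.append("[pending external invite withheld]")
                continue
            if not internal:
                self.tainted = True  # accepted, but still third-party text
            lines.append(f"{ev.title}: {ev.description}")
        return "\n".join(lines)

    def authorize(self, tool, user_confirmed=False):
        """Gate tool calls: after external text was read, sensitive tools need the user."""
        if tool in SENSITIVE_TOOLS and self.tainted:
            return user_confirmed
        return True
```

The gate is per session: the taint flag stays set for the rest of the conversation, so a later email request still needs confirmation even if the calendar is not read again.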
Read More: https://www.securityweek.com/chatgpts-new-calendar-integration-can-be-abused-to-steal-emails/