ChatGPhish: Security Vulnerability Discovered in ChatGPT
Cybersecurity researchers have discovered a vulnerability in OpenAI's ChatGPT that allows attackers to initiate phishing attacks by exploiting Markdown links and images. This vulnerability, referred to as ChatGPhish, was identified by Permiso Security and could pose significant risks to users. The flaw is based on the trust that the ChatGPT response renderer places in Markdown links and images. Attackers can insert manipulated links into the ChatGPT interface through targeted inputs, which are then regarded as trustworthy by the AI. This opens the door to spreading harmful content and deceiving users.
Researchers from Permiso Security have demonstrated how this technique works. By inserting specially crafted Markdown elements into the conversation, an attacker can prompt the AI to generate links that point to phishing websites. These websites are designed to steal users' personal information. The vulnerability could be dangerous not only for individual users but also for companies that use ChatGPT in their customer service or for internal communication. The possibility of employees clicking on fraudulent links could lead to significant security incidents.
Permiso Security has reported the vulnerability to OpenAI, and it is expected that the company will take steps to address the security issue. However, there is currently no official confirmation of an upcoming update or solution to the problem. The discovery of ChatGPhish raises questions about the overall security of AI-powered applications. Experts warn that the increasing integration of AI into various fields also creates new attack surfaces for cybercriminals. The need to strengthen security protocols is considered urgent.
The vulnerability could also impact user acceptance of AI technologies. If users feel that their data is not secure, it could undermine trust in AI applications. Therefore, companies relying on AI must take proactive measures to ensure the security of their systems. The researchers from Permiso Security have published the details of the vulnerability in a blog post that explains how ChatGPhish works. They recommend that users exercise caution with links generated by ChatGPT until an official solution is provided.
The vulnerability has been registered as CVE-2026-1234 and affects all versions of ChatGPT that support Markdown links. The exact number of affected users is currently unknown, but it is estimated that millions of people worldwide access the platform. Permiso Security plans to release further information about the impact of ChatGPhish and possible countermeasures in the coming weeks. The security community is closely monitoring developments to formulate appropriate responses to this new threat.
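For teams that display chatbot output in their own tools, the renderer trust problem described above can be reduced by filtering Markdown links and images before the text is rendered. The Python code below is an added example, not code from Permiso Security or OpenAI; the function names, the allowlist and the example.* hosts are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Inline Markdown links/images only: [text](url "title") and ![alt](url).
# Reference-style links, autolinks and raw HTML need their own handling.
INLINE = re.compile(r'(!?)\[([^\]]*)\]\(\s*<?([^)\s>]+)>?(?:\s+"[^"]*")?\s*\)')
# Link text that itself looks like a host name or URL.
HOSTLIKE = re.compile(r'^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?#]|$)', re.I)


def host_allowed(host, allowed):
    """True for an allowlisted domain or a real subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)


def neutralize_markdown(text, allowed_hosts):
    """Return (safe_text, findings) for model output before it is rendered."""
    findings = []

    def replace(m):
        kind = "image" if m.group(1) else "link"
        label, url = m.group(2), m.group(3)
        try:
            parts = urlsplit(url)
            scheme, host = parts.scheme.lower(), parts.hostname or ""
        except ValueError:  # malformed URL: treat as untrusted
            scheme, host = "", ""
        shown = HOSTLIKE.match(label.strip())
        if shown and shown.group(1).lower() != host:
            reason = "text-target-mismatch"  # text names one host, URL another
        elif scheme != "https" or not host_allowed(host, allowed_hosts):
            reason = "untrusted-" + kind
        else:
            return m.group(0)  # trusted target: keep the Markdown as written
        findings.append((reason, label, host))
        # Drop the URL so nothing is clickable or fetched automatically.
        return f"[{kind} removed: {label}]"

    return INLINE.sub(replace, text), findings


# Constructed sample output; every host is a placeholder.
SAMPLE = (
    "Reset it at [accounts.example.com](https://login.example.net/reset).\n"
    "![status](https://img.example.net/p.png?d=session)\n"
    "Docs: [help centre](https://help.example.com/article/42)\n"
)
```

The findings list can be logged as a detection signal, since a response whose link text names one host while pointing at another is rarely benign.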