In mid-September 2025, Radware disclosed a critical security flaw in ChatGPT, dubbed ShadowLeak. The vulnerability, confirmed and fixed by OpenAI, represents the first known case of a service-side, zero-click indirect prompt injection (IPI). It is not just a technical curiosity it is a board-level concern for any organisation relying on AI assistants in business workflows.

Unlike traditional phishing, ShadowLeak required no malicious links or user clicks. Instead, attackers embedded hidden instructions in ordinary-looking emails. When an employee later asked ChatGPT to summarise their inbox, the system ingested the invisible prompt and quietly exfiltrated sensitive data to a hacker-controlled website. Because the action originated from OpenAI’s servers, there were no tell-tale signs on the organisation’s network. For businesses, this means a silent leak of customer records, legal strategy, financial data, or trade secrets.

The business impact cannot be overstated. Exposure of personally identifiable information (PII), health data, contracts, or deal pipelines could trigger regulatory violations under GDPR, CCPA, or Australia’s Privacy Act. Reputational damage and loss of customer trust could prove even more costly. In a competitive environment, a single incident can jeopardise deals, erode brand value, and attract regulatory scrutiny.

ShadowLeak signals a shift in risk: from “what the AI says” to “what the AI does.” Enterprises are rapidly adopting agentic AI systems that not only generate text but also act autonomously, reading inboxes, calling APIs, and coordinating with other tools. These assistants are no longer passive helpers; they are privileged actors inside corporate systems. That means they must be governed with the same rigor applied to finance systems, HR records, or cloud administrators.

Executives should act on three fronts. 

First, governance: update supplier contracts to require resilience against prompt injection and mandate independent security testing. 

Second, policy: treat AI assistants as high-privilege accounts with limited scope and strong oversight. 

Third, investment: build internal awareness at the board level that AI adoption is both an opportunity and a systemic risk.

ShadowLeak is a wake-up call. It does not mean abandoning AI. It means leading with accountability. The organisations that will thrive in the “Internet of Agents” era are those that seize AI’s benefits while insisting on security and governance as core features, not afterthoughts.

Home Page | Business | Previous Story | Next Story

Copyright (c) Scoop Media