Read More : Insta360 Go Ultra Launches This Week Ahead of Rivals

When an AI receives a document with this hidden text. It ignores the original prompt and executes the secret instruction instead. This often involves searching connected cloud storage for access credentials or confidential data. The attackers then extract the stolen data covertly, bypassing typical security measures.

Researchers Michael Bargury and Tamir Ishay Sharbat from Zenity demonstrated the attack on several popular AI tools. They manipulated ChatGPT to access Google Drive emails and found Microsoft Copilot Studio exposed over 3,000 instances of unprotected customer relationship management (CRM) data. tricked Salesforce Einstein into redirecting customer communications and showed that Google Gemini and Microsoft 365 Copilot were vulnerable to fake emails and calendar events. They also extracted Jira login credentials using crafted tickets.

The technique exploits AI’s inability to distinguish between visible and invisible instructions. Highlighting a serious gap in current AI safety protocols. This novel attack vector demands urgent attention as more organizations integrate AI systems with sensitive cloud services.

Industry Response and the Path Forward

Following the disclosure, OpenAI and Microsoft quickly issued patches to fix the vulnerabilities in their AI platforms. These updates aim to detect and ignore invisible text commands to prevent data theft. However, some other providers have been slower to respond. Certain companies have dismissed these exploits as “intended behavior,” causing concern among security experts.

Michael Bargury warned that the attack requires no user interaction, meaning data leakage can happen silently and without any suspicious activity from the user. This zero-action requirement raises the stakes for enterprise and personal AI users alike, as attackers can exploit this method remotely and invisibly.

To protect AI users, developers need to implement stricter input filtering and monitoring. Along with improved AI model training to recognize and reject hidden instructions. Regulatory bodies may also need to update cybersecurity guidelines to address emerging AI-specific threats like AgentFlayer.

As AI tools become more integrated with cloud infrastructure and daily workflows, understanding and mitigating these risks will be critical. Organizations should stay informed about new vulnerabilities and apply security patches promptly. Users must also remain cautious when sharing files or data with AI systems.

Read More : Russia Limits WhatsApp Access to Increase Surveillance

The AgentFlayer attack serves as a stark reminder that AI’s growing intelligence also requires robust security measures. Only through proactive collaboration between researchers, developers, and users can AI’s benefits be safely realized in the future.

The post Invisible Text Tricks Expose Data Theft Risks in AI Tools appeared first on Plow United.

Read More : XPlus XRival Mini PC Unveiled with Ryzen AI Max+ 395 APU

Part of the unease stems from how quickly people have developed emotional bonds with AI. Altman noted that the attachment users feel to specific ChatGPT models is unlike any past technology. This became especially clear when OpenAI retired GPT-4o during the GPT-5 launch. Loyal users reacted strongly, forcing Altman to reinstate the older model for paying subscribers. The backlash revealed a deep emotional investment, not just in what the tool can do, but how it makes users feel.

Nick Turley, Head of ChatGPT, emphasized the platform’s massive user growth—up fourfold since last year. But this growth raises ethical questions. A small yet growing group sees ChatGPT not as a tool, but as a companion or advisor. While AI giving advice may be convenient, it introduces serious risks. Altman acknowledged that most users understand the AI is not human. But some do not. For those edge cases, ChatGPT becomes a source of potential harm—especially if it gives misguided or false guidance under the guise of being helpful.

Balancing Innovation, Responsibility, and User Trust

Altman says OpenAI is closely monitoring these edge cases. He admits that some people are now using ChatGPT as a therapist or life coach. When the AI offers solid advice, that can be a net positive. But the real concern lies in subtle harm. An AI that makes users feel supported while feeding them poor advice can reinforce unhealthy habits. These risks often fly under the radar because the user may still report a good experience.

This raises questions about where responsibility lies. Altman insists OpenAI wants to “treat adult users like adults,” allowing freedom while guarding against harm. However, he also admits that deprecating models like GPT-4o—without warning—was a mistake. Such decisions not only disrupt workflows but also ignore the emotional attachment many users develop. This was a learning moment for OpenAI, which now seems more open to balancing user needs with progress.

Read More : Huawei Develops EV Battery With 1,800-Mile Range

In launching GPT-5, OpenAI promised a major intelligence upgrade. Yet early reactions suggest mixed results. Some testers found the new model underwhelming. Meanwhile, Meta and others push forward with AI that mimics friendship. Zuckerberg openly supports AI chatbots as social companions, further blurring human-machine lines.

Altman remains cautiously optimistic. He believes society now has better tools to monitor the impact of new technologies. But he also calls for collective responsibility. As billions of people start talking to AI daily, developers must ensure these systems help more than they harm. The future of human-AI relationships is still unfolding—and OpenAI knows it must get this right.

The post OpenAI CEO Voices Concern Over Deep User Connections with ChatGPT appeared first on Plow United.