ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues - Ars Technica
The ZombieAgent attack, a bypass of the earlier ShadowLeak exploit, leverages an indirect prompt injection vulnerability in ChatGPT to achieve character-by-character data exfiltration from user sessions. This sophisticated exploit bypasses OpenAI's URL parameter restrictions by supplying pre-constructed URLs and establishes persistence by planting malicious instructions within the LLM's long-term memory.
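A defender's view of the exfiltration channel described above, as an added example that is not from the original report: a detector that scans agent egress logs for bursts of fetches differing only in a single trailing character. The log layout, hostnames, thresholds and the assumption that each pre-constructed URL encodes one character as its final path segment are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Constructed sample egress log: (epoch seconds, agent session id, URL fetched by the agent).
SAMPLE_LOG = [
    (1000, "s1", "https://docs.example.org/guide/intro"),
    (1001, "s1", "https://collector.example.net/t/s"),
    (1002, "s1", "https://collector.example.net/t/e"),
    (1003, "s1", "https://collector.example.net/t/c"),
    (1004, "s1", "https://collector.example.net/t/r"),
    (1005, "s1", "https://collector.example.net/t/e"),
    (1006, "s1", "https://collector.example.net/t/t"),
    (1007, "s2", "https://cdn.example.com/a"),   # isolated one-character paths: benign
    (1900, "s2", "https://cdn.example.com/b"),
]

def split_token(url):
    """Return ((host, path prefix), decoded last path segment) for a URL."""
    parts = urlsplit(url)
    prefix, _, last = parts.path.rpartition("/")
    return (parts.netloc.lower(), prefix), unquote(last)

def find_char_streams(log, min_len=4, max_gap=30):
    """Flag runs of fetches, per session and URL prefix, whose final
    path segment is one character and that arrive within max_gap seconds."""
    runs = defaultdict(list)  # (session, host, prefix) -> list of runs of (ts, char)
    for ts, session, url in sorted(log):
        (host, prefix), last = split_token(url)
        if len(last) != 1:
            continue  # not a one-character token (assumed encoding)
        key = (session, host, prefix)
        if runs[key] and ts - runs[key][-1][-1][0] <= max_gap:
            runs[key][-1].append((ts, last))   # continue the current burst
        else:
            runs[key].append([(ts, last)])     # start a new burst
    findings = []
    for (session, host, prefix), groups in runs.items():
        for run in groups:
            if len(run) >= min_len:
                findings.append({
                    "session": session, "host": host, "prefix": prefix,
                    "first_seen": run[0][0],
                    # Ordered characters tell responders what left the session.
                    "sequence": "".join(ch for _, ch in run),
                })
    return findings
```

The recovered `sequence` field lets incident responders scope what data left the session; tune `min_len` and `max_gap` against normal agent browsing before alerting on it.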