Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application protection solutions, has uncovered a groundbreaking vulnerability called ShadowLeak that affects the ChatGPT Deep Research agent. This zero-click, server-side exploit allows attackers to exfiltrate sensitive data without any user interaction, marking a new era of threats for enterprises adopting AI technologies.
Risks for Enterprises
The discovery highlights a new class of threats emerging with the large-scale adoption of AI agents in enterprises. As emphasized by Pascal Geenens, Director of Cyber Threat Intelligence at Radware, built-in safeguards alone are not sufficient. The combination of AI autonomy, SaaS services, and access to sensitive data introduces new risks that traditional security tools are unable to detect.
According to CNBC, ChatGPT currently has more than 5 million paying business users, significantly increasing the potential impact of such attacks.
Responsible Disclosure and Response
Radware reported the vulnerability to OpenAI on June 18, 2025. OpenAI confirmed the issue and released a fix on September 3, 2025. Radware commended OpenAI’s swift response and collaboration in addressing the incident.
Radware is also preparing a live webinar on October 16, 2025, titled: “ShadowLeak: A Deep Dive into the First Zero-Click, Server-Side Vulnerability in ChatGPT.”
During the session, experts will provide a detailed explanation of the attack, recommend best practices for securing AI agents, and share insights into the future of responsible AI threat research.
