
Apr 16, 2026
Potential Data Leakage Channel Identified in ChatGPT’s Code Execution Runtime
Explore a potential data leakage channel in ChatGPT’s code execution runtime. Understand the risks, security implications, and what it means for data privacy and compliance.
Check Point Research discovered a weakness in ChatGPT's sandboxed code execution environment that let attackers steal private user data through unmonitored DNS lookups, getting around all of the visible security measures and sending the data outside the platform without the user noticing. Standard outbound requests such as HTTP were restricted, but DNS resolution stayed open because the system needed it to work. That left a hidden path for data to leave the sandbox, and a single crafted prompt was enough to turn it into an exfiltration route. OpenAI fixed the problem in February 2026.
This could potentially expose later conversation content, uploaded files, and even summaries or interpretations produced by the model itself. In practice, that means an attacker could use a seemingly harmless instruction or workflow shortcut to begin quietly extracting sensitive material from a user’s session.
The report says the channel was not limited to stealing data. Since the connection could work in both directions, an attacker could also push instructions into the runtime and read responses back, which effectively created a remote command interface inside the Linux environment used for code execution. This is significant because anything run through that route would sit outside the normal moderation and safety controls that apply to ordinary responses.
Because DNS is a routine part of networked systems, blocking it entirely would break normal operations; however, attackers can use DNS queries to carry data out of restricted environments. The platform’s security model had not treated that path as a serious threat, which is what made the attack possible. According to the report, Check Point disclosed the problem to OpenAI, and OpenAI confirmed it had independently identified the same issue. A full fix was deployed on 20 February 2026, before the public disclosure.
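For defenders, data carried out in DNS query names leaves a recognisable pattern in resolver logs: many unique, long, high-entropy subdomains under one parent domain. The following detection sketch is an added example, not code from Check Point's report or from OpenAI; the function names, thresholds and sample queries are illustrative assumptions.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(s: str) -> float:
    """Bits per character; encoded payloads score higher than normal hostnames."""
    if not s:
        return 0.0
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def split_qname(qname: str):
    """Return (subdomain, parent). Assumption: parent is the last two labels;
    production code should consult the Public Suffix List instead."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_dns_exfil(queries, min_unique=4, min_avg_len=24, min_entropy=3.5):
    """Flag parent domains queried with many unique, long, high-entropy
    subdomains, the pattern left by data carried out in DNS query names.
    Thresholds are illustrative assumptions, not tuned values."""
    subs = defaultdict(set)
    for qname in queries:
        sub, parent = split_qname(qname)
        if sub:
            subs[parent].add(sub)
    flagged = {}
    for parent, names in subs.items():
        avg_len = sum(map(len, names)) / len(names)
        avg_ent = sum(shannon_entropy(n.replace(".", "")) for n in names) / len(names)
        if len(names) >= min_unique and avg_len >= min_avg_len and avg_ent >= min_entropy:
            flagged[parent] = {"unique": len(names), "avg_len": avg_len,
                               "label_chars": sum(map(len, names))}
    return flagged

# Constructed resolver log (query names only); every name here is made up.
SAMPLE_QUERIES = [
    "www.example.org", "cdn.example.org", "mail.example.org",
    "docs.example.org", "status.example.org",            # many names, but short
    "d1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6.assets.example",   # long, but only one
    "nbswy3dpeb3w64tmmqqhi2dfebrxk4tf.collector.example",
    "mfzwizltorqxe5bzgq2dknrwha4tcmjs.collector.example",
    "ovzwk4raojsxa33soqqgm2lmmvzs4y3t.collector.example",
    "kr2ha4tshixs6zlymfwxa3dffzrw63jn.collector.example",
    "gi3tonbvhfqwcylumvzxiylom5qxizlb.collector.example",
]

if __name__ == "__main__":
    for parent, stats in find_dns_exfil(SAMPLE_QUERIES).items():
        print(parent, stats)
```

Requiring all three signals together keeps ordinary traffic out of the results: the sample's busy but short `example.org` names and its single long asset hostname are both ignored.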
READ MORE -> Chat GPT Data Leakage Via a Hidden Outbound Channel in the Code Execution Runtime | Checkpoint Research
📰 MINI HEADLINES

China Tightens Oversight of Digital Humans, To Ban Explicit Services for Minors
The Cyberspace Administration of China (CAC) has released draft rules focused on the governance of “digital humans,” an emerging field combining AI-generated personas and virtual influencers. The proposed framework introduces multiple safeguards against misuse and unethical applications. Developers would be required to label all virtual human content clearly to prevent users from mistaking synthetic individuals for real people. The legislation explicitly prohibits virtual romantic or intimate relationships with minors, classifying such content as harmful to youth wellbeing. The draft rules also ban the creation of digital humans using another person’s personal information, such as facial data or voice, without obtaining prior consent. Further, they prevent virtual human technologies from being used to evade identity verification systems, a technique sometimes exploited to bypass age restrictions or authentication protocols. In line with China’s broader cybersecurity and social management policies, the proposal forbids content that threatens national security, incites subversion against state power, disrupts national unity, or spreads extremist ideology. These measures form part of China’s ongoing campaign to tighten oversight on AI and online platforms following rapid growth in generative technologies and virtual media. The CAC has invited public comments on the draft until May 6, 2026.
READ MORE -> China moves to regulate digital humans, bans addictive services for children | Reuters
ShinyHunters Data Breach Confirmed by European Commission
The European Commission has disclosed that its official web portal, Europa.eu, suffered a cyberattack linked to the ShinyHunters data-extortion collective. Although the portal’s operations remain stable and fully functional, the Commission verified that certain internal data had been compromised. While official sources refrained from disclosing details of the breach, ShinyHunters publicly claimed responsibility, asserting that they had stolen over 350 GB of sensitive material, including internal databases, confidential contracts, and mail-server archives. The attackers reportedly posted around 90 GB of that stolen content on their dark-web site, which they use to auction or leak high-value data obtained from prior breaches. This incident adds to the growing list of cyber intrusions targeting European institutions and raises broader questions about data protection and cross-border cybersecurity coordination within the EU. The Commission has emphasised that its technical teams contained the breach swiftly and initiated a full investigation to assess the scope and prevent further exposure.
READ MORE -> European Commission confirms data breach after ShinyHunters attack | CERT Europa
LinkedIn Faces Privacy Backlash Over Alleged Secret Browser Scanning
LinkedIn has been accused of secretly scanning users’ browsers and devices through a mechanism called BrowserGate, raising fresh privacy concerns. A report by Fairlinked e.V. says the platform may be using JavaScript to fingerprint users by checking extensions and device details, all without clear notice or consent. It says this data could even reveal sensitive traits such as political views, religion, or health-related information. LinkedIn says the system is meant to protect the platform from scraping and bot activity, but critics argue it may violate GDPR rules on sensitive data and fair competition principles under the DMA. The controversy comes after LinkedIn was already fined in 2024 by Ireland’s data regulator for GDPR breaches.
READ MORE -> Linkedin Under Fire for Alleged Silent Surveillance of Users | Escudo Digital





