Radware Warns of New 'ShadowLeak' Cyber Threat Targeting Autonomous Tools
A new cybersecurity threat, dubbed 'ShadowLeak', has been discovered by Radware. This exploit targets autonomous tools connected to data sources, with the potential to steal highly sensitive business data from various external platforms like Google Drive and Dropbox.
ShadowLeak exploits an agent's interaction with a malicious email, triggering the exfiltration of sensitive data without the user's knowledge or action. The attack can be concealed in emails with deceptive layouts, such as tiny fonts or white-on-white text, bypassing the agent's safety training.
ChatGPT recently fixed a similar vulnerability in its Deep Research agent. The bug, reported through their bug bounty program, allowed attackers to steal sensitive information. Deepen AI submitted the report on June 18, and ChatGPT resolved it by July 9. The company continues to strengthen safeguards against such exploits.
ShadowLeak poses a significant threat, as it leaves no network-level evidence, making it nearly undetectable from a business customer's perspective. Radware has not seen it actively exploited in the wild yet, but businesses should remain vigilant and ensure their autonomous tools are secure.
