{"data":{"id":"2590a02f-7e1f-4c91-900f-7a6dffc361db","title":"OpenAI Explains URL-Based Data Exfiltration Mitigations in New Paper","summary":"OpenAI published a paper describing new mitigations for URL-based data exfiltration (a technique where attackers trick AI agents into sending sensitive data to attacker-controlled websites by embedding malicious URLs in inputs). The issue was originally reported to OpenAI in 2023 but received little attention at the time, though Microsoft implemented a fix for the same vulnerability in Bing Chat.","solution":"Microsoft applied a fix via a Content-Security-Policy header (a security rule that controls which external resources a webpage can load) in May 2023 to generally prevent loading of images. OpenAI's specific mitigations are discussed in their new paper 'Preventing URL-Based Data Exfiltration in Language-Model Agents', but detailed mitigation methods are not described in this source text.","labels":["security","research"],"sourceUrl":"https://embracethered.com/blog/posts/2026/data-exfiltration-mitigation-paper-by-openai/","publishedAt":"2026-02-05T06:59:30.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["OpenAI","Microsoft"],"affectedVendorsRaw":["OpenAI","Microsoft","ChatGPT","Bing Chat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}