Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Tamir Ishay Sharbat Profile picture
Tamir Ishay Sharbat
@tamirishaysh
Aug 7, 2025 8 tweets 3 min read
We got ChatGPT to leak sensitive data from your Google Drive data back to OUR servers. And you’ll never even know it happened.

All by sharing a single document. A real 0-click data exfil attack.

Here’s a detailed breakdown of how we did it 🧵
#DEFCON #BHUSA @mbrg0 Image Back in May, OpenAI released ChatGPT connectors. A feature that allows ChatGPT to read from your Google Drive, Sharepoint, and more. So your AI can now have your business context.

Sounds useful.

But as you’ll see, it’s not all butterflies and rainbows.
Because, what happens when a document containing malicious instructions is shared with you?Image