We report that ChatGPT 4 and 4o are susceptible to a prompt injection attack that allows an attacker to exfiltrate users' personal data. The attack requires no third-party tools, and all users are currently affected. This vulnerability is exacerbated by the recent introduction of ChatGPT's memory feature, which allows an attacker to command ChatGPT to monitor the user for the desired personal data.