The National Information Technology Development Agency (NITDA) has released an advisory warning about fresh vulnerabilities in ChatGPT that could expose users to data-leakage attacks.
According to the advisory, researchers have identified seven vulnerabilities in the GPT-4o and GPT-5 models that enable attackers to exploit ChatGPT through indirect prompt injection.
The agency noted that hidden instructions embedded in webpages, comments, or URLs can activate unintended actions during routine browsing, summarisation, or search operations.
“By embedding hidden instructions in webpages, comments, or crafted URLs, attackers can cause ChatGPT to execute unintended commands simply through normal browsing, summarization, or search actions,” the agency said.
The alert comes amid rising concern over AI tools interacting with unsafe online content and the increasing reliance on ChatGPT across business, research, and government sectors.
NITDA added that some of the vulnerabilities make it possible to bypass safety controls by concealing harmful content within trusted domains.
Other flaws exploit markdown rendering issues, allowing hidden instructions to slip through undetected.
The agency warned that in more severe instances, attackers could corrupt ChatGPT’s memory, causing it to retain harmful instructions that shape future responses.
They stated that although OpenAI has addressed parts of the problem, LLMs continue to face challenges in distinguishing legitimate user intent from malicious data.
The agency highlighted possible cybersecurity risks, including:
- Unauthorised actions executed by the model
- Unintentional disclosure of user data
- Manipulated or deceptive outputs
- Long-term behavioural shifts caused by memory poisoning
CERRT.NG further noted that users could unknowingly trigger these attacks without clicking or interacting with any element, particularly when ChatGPT processes search results or webpages containing hidden malicious instructions.
It advised Nigerians, businesses, and government organisations to take preventive measures, including limiting or disabling the browsing and summarisation of untrusted websites in enterprise settings and activating features such as browsing or memory only when necessary.
The agency also recommended keeping GPT-4o and GPT-5 models updated to ensure known vulnerabilities are fixed.