skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

ChatGPT API Vulnerability Fixed After DDoS Attack Risk

/ 1 min read

🌀 ChatGPT API vulnerability could enable DDoS attacks, but has been fixed. A security flaw in ChatGPT’s API, discovered by researcher Benjamin Flesch, allowed attackers to overload targeted websites by sending excessive URLs in a single HTTP POST request. This vulnerability, which had a CVSS score of 8.6, could amplify DDoS attacks by overwhelming victim sites with connections from OpenAI’s servers. Flesch reported the issue to OpenAI and Microsoft under responsible disclosure, but initially received no response. Following media coverage, OpenAI disabled the vulnerable endpoint, rendering the proof-of-concept code ineffective. The incident highlights ongoing concerns about security in large language models and the challenges researchers face in reporting vulnerabilities.

Source
{entry.data.source.title}
Original