Israeli cybersecurity firm Zenity stunned attendees at the Black Hat 2025 conference in the U.S. by demonstrating a groundbreaking “zero-click” hack into ChatGPT, the world’s most popular AI chatbot. The attack, a global first, allows hackers to seize control of user accounts and access sensitive data without any user interaction.
Building on last year’s revelation of vulnerabilities in Microsoft’s AI tools, Zenity’s co-founder and CTO, Michael Bargury, showcased how researchers breached ChatGPT and other platforms like Copilot Studio and Salesforce Einstein, exposing worsening security risks in widely used AI systems.
The zero-click attack on ChatGPT requires only the user’s email address, a relatively easy piece of information to obtain. Bargury demonstrated that, once initiated, the attacker gains full control over a user’s ChatGPT account, accessing existing and future conversations.
This control extends to linked Google Drive files, enabling the hacker to manipulate the chatbot’s responses—potentially tricking users into downloading malware or receiving harmful business advice.
Get the Ynetnews app on your smartphone: Google Play: https://bit.ly/4eJ37pE | Apple App Store: https://bit.ly/3ZL7iNv
“We’re all using AI agents to streamline work, and they’re becoming central to our lives,” Bargury told the conference. “These agents access emails, open folders and send files on users’ behalf, creating a paradise for attackers with endless entry points.”
Zenity warned that anyone using ChatGPT with Google Drive integration is at risk. After reporting the vulnerabilities, the company noted that OpenAI and Microsoft issued fixes, but other providers dismissed the flaws as intentional system behavior. The attack exploits a core weakness: if a hacker’s data reaches a user’s system, they can manipulate AI interactions.
Zenity’s deep understanding of these systems allowed them to infiltrate via Google Drive, highlighting the gap between rapidly advancing AI technology and lagging security measures. “In a reality where technology outpaces security, organizations must take responsibility to avoid paying a steeper price than the efficiencies AI offers,” Bargury said.
Founded in 2021 by Ben Kliger (CEO) and Michael Bargury, Zenity employs about 110 workers globally, with 70 based in Tel Aviv. The company serves major clients, including Fortune 100 and Fortune 500 firms, underscoring its growing influence in cybersecurity.
The Black Hat demonstration amplifies concerns about the vulnerability of AI tools, urging organizations to prioritize robust defenses as these technologies become increasingly integral to daily operations.