The National Information Technology Development Agency (NITDA) yesterday warned Nigerians about the existence of new vulnerabilities in OpenAI’s GPT-4.0 and GPT-5 series which could expose users to data leakage.

The Director of Corporate Affairs and External Relations Hadiza Umar, issued the advisory, said that the agency identified seven critical weaknesses in the models, which allowed attackers to manipulate the system through indirect prompt injection.

She said: “By embedding hidden instructions in webpages, comments or crafted URLs, attackers can cause ChatGPT to execute unintended commands through normal browsing, summarisation or search actions.

“Some flaws also enable attackers to bypass safety filters using trusted domains and exploit markdown rendering bugs to hide malicious content. “That act can even poison ChatGPT’s memory so that injected instructions persist across future interactions.”

Umar said although OpenAI had addressed part of the issue, large language models still face challenges in distinguishing genuine user intent from malicious embedded data.

She said the technique had embedded hidden instructions in webpages, online comments, or crafted URLs, which can mislead ChatGPT into executing unintended actions during routine browsing or search activities.