SendTech Times
CybersecurityNews|June 8, 2026 at 02:51 AM
AI SHIFT:

ChatGPT Lockdown Mode Narrows AI Data Exfiltration Paths

BySTechTimes Editor|Source: Thehackernews
Article summary

OpenAI is rolling out Lockdown Mode for eligible ChatGPT users to reduce data exfiltration risk from prompt injection. The optional setting limits outbound web and tool capabilities, trading some product flexibility for stronger containment around sensitive workflows.

ChatGPT Lockdown Mode Narrows AI Data Exfiltration Paths
Image source: The Hacker News

ChatGPT adds a narrower security posture

OpenAI has begun rolling out Lockdown Mode for eligible personal and self-serve ChatGPT Business accounts, giving users an optional setting that reduces the ways ChatGPT can connect to the web or outside services.

The feature is meant for users and organizations handling sensitive information, where data leakage risk can matter more than convenience.

The setting is available to logged-in users across Free, Go, Plus and Pro accounts, as well as self-serve ChatGPT Business plans.

Its central purpose is not to prevent prompt injection attempts from appearing, but to reduce the outbound paths that could let sensitive data leave a session.

Tool limits target exfiltration paths

Lockdown Mode builds on sandboxing and existing controls by limiting outbound network requests.

In practice, it restricts live web browsing to cached content, removes image support in regular responses and web retrieval, blocks network access for Canvas-generated code, and prevents file downloads for data analysis.

Those constraints are significant because prompt injection risk often depends on a model being persuaded to send information to an attacker-controlled destination.

By removing or narrowing tools that reach external systems, OpenAI is trading some product utility for a smaller data-exfiltration surface.

Security becomes a product configuration choice

The feature underlines how AI security is moving from back-end filtering alone toward user-visible operating modes.

OpenAI says the setting is not intended for everyone, which makes the trade-off explicit: stronger containment can make ChatGPT less flexible for web, image, code and file workflows.

That matters for enterprises because many employees use AI tools near confidential documents, internal context or customer data.

A lockdown-style control gives security teams a clearer option when the priority is containment rather than maximum feature access.

What to watch next

The next signal is whether similar modes become standard across AI assistants, especially those connected to browsers, coding tools, productivity suites and enterprise data stores.

The practical test is whether users can understand when to enable stricter controls before sensitive workflows begin.

For OpenAI, the feature also shows that prompt injection remains a hard unresolved class of risk for large language models.

Lockdown Mode does not remove the attack category, but it narrows the consequences by reducing outbound channels that an attacker could try to exploit.

Share this article
inXf

Related articles

More
Palo Alto Sell-Off Shows AI Cybersecurity Demand Still Has a Timing Problem
Cybersecurity

Palo Alto Sell-Off Shows AI Cybersecurity Demand Still Has a Timing Problem

Palo Alto Networks shares fell more than 4% after stronger quarterly results and current-quarter guidance failed to satisfy investors looking for faster AI-linked earnings upside. CEO Nikesh Arora reiterated a fiscal 2030 target of more than 4,000 platformizations and a USD 20 billion NGS ARR goal. The practical test is whether AI-related security demand turns into NGS ARR progress as data center infrastructure is ordered, installed and brought online.

Silent Ransom Group Uses Fake IT Support Calls to Pressure Law Firms
Cybersecurity

Silent Ransom Group Uses Fake IT Support Calls to Pressure Law Firms

Silent Ransom Group is targeting U.S. law firms and professional services organizations with fake IT support calls, remote access tools and rapid data-theft extortion. Mandiant links the activity to UNC3753, Luna Moth and Chatty Spider, while the FBI has warned of related social engineering and in-person theft attempts.

NFSP Ransomware Attack Turns Supplier Email Pause Into a Security-Control Test
Cybersecurity

NFSP Ransomware Attack Turns Supplier Email Pause Into a Security-Control Test

The National Federation of Subpostmasters was hit by ransomware after a cPanel-related hosting software bug was exploited. The NFSP was targeted on 30 April, and the Post Office paused some email interactions with the federation while saying branch operations were not affected. The immediate test is whether trusted communications can resume without pushing subpostmasters toward insecure workaround channels.

UAE Crypto Discovery Tool Turns Post-Quantum Security Into an Inventory Test
Cybersecurity

UAE Crypto Discovery Tool Turns Post-Quantum Security Into an Inventory Test

The UAE launched a national Crypto Discovery Tool to help organisations identify and manage cryptographic systems before post-quantum migration. The platform was developed by the UAE Cyber Security Council and Abu Dhabi-based QuantumGate as part of the National Post-Quantum Migration Programme. The practical test is whether public- and private-sector organisations use the tool to build a reliable inventory of cryptographic exposure.

Keep Reading

More Stories

Latest
Amazon-Corning Fiber Deal Puts Optics Inside The AI Data Center BottleneckCloud & Data CentersJun 9, 2026Amazon-Corning Fiber Deal Puts Optics Inside The AI Data Center BottleneckAmazon has reached a multi-year optical fiber and networking agreement with Corning, adding North Carolina manufacturing jobs and highlighting fiber capacity as a practical constraint in AI data center expansion.Check Point VPN Exploitation Puts Legacy IKEv1 Access In The Ransomware SpotlightCybersecurityJun 8, 2026Check Point VPN Exploitation Puts Legacy IKEv1 Access In The Ransomware SpotlightA critical Check Point VPN flaw, CVE-2026-50751, is being exploited against legacy IKEv1 remote-access configurations, with activity tied in one case to a Qilin ransomware affiliate and a second related VPN issue also disclosed.Alphabet’s $85 Billion AI Financing Push Tests Data Center Investor AppetiteCloud & Data CentersJun 8, 2026Alphabet’s $85 Billion AI Financing Push Tests Data Center Investor AppetiteAlphabet is seeking $85 billion in equity financing after raising its capex outlook to as high as $190 billion. The company is presenting Google Cloud growth, AI adoption and lower Gemini serving costs as evidence that its data center spending can support long-term AI demand.Apple WWDC 2026 Turns Siri Into the Test of Its AI CredibilityAIJun 8, 2026Apple WWDC 2026 Turns Siri Into the Test of Its AI CredibilityApple is expected to put Siri back at the center of WWDC 2026 after delays to its promised Apple Intelligence assistant. The event is likely to test whether Apple can turn contextual awareness, chatbot-style interaction and agentic voice tasks into reliable platform features.Smart TV Proxy SDKs Turn Free Apps Into a Hidden AI Scraping Supply ChainCybersecurityJun 7, 2026Smart TV Proxy SDKs Turn Free Apps Into a Hidden AI Scraping Supply ChainBright Data's SDK has been reverse-engineered in research showing how free apps can turn consumer devices, including smart TVs, into residential proxy nodes for web-scraping traffic. The issue matters because AI data harvesting is increasing demand for residential IPs, while consent screens and background network behavior may not be clear to users or IT teams.Stratos Data Center Cuts Utah Plan as Water Backlash Tests AI Infrastructure GrowthAIJun 7, 2026Stratos Data Center Cuts Utah Plan as Water Backlash Tests AI Infrastructure GrowthA Kevin O'Leary-backed Utah data center plan has been cut back after water and transparency objections, showing how local resistance can reshape AI infrastructure projects.Dubai Hotels Turn to Residents as Tourism Shock Tests Luxury DemandEconomyJun 7, 2026Dubai Hotels Turn to Residents as Tourism Shock Tests Luxury DemandDubai luxury hotels are using resident staycation discounts to offset weaker international tourism, but the source shows weekend demand cannot fully replace longer foreign stays.Ciena's $50 Billion AI Network Target Puts Optical Capacity on the Hyperscaler ClockChips & SemiconductorsJun 7, 2026Ciena's $50 Billion AI Network Target Puts Optical Capacity on the Hyperscaler ClockCiena says AI demand could roughly double its addressable market to about $50 billion by 2029 as hyperscalers and service providers invest in optical networking. It cited RLS Hyper Rail, DCOM, coherent modules and 400G/800G pluggable optics as demand areas while planning $250 million to $275 million in capex this year. The practical test is whether AI compute buildouts convert into durable network orders.liko.ai Funding Turns Edge AI Into a Smart-Home Hardware TestAIJun 7, 2026liko.ai Funding Turns Edge AI Into a Smart-Home Hardware Testliko.ai completed its first-round financing to fund edge-side vision-language models, AI-native hardware and multi-modal home terminals. The investor group includes Shangtang Guoxiang Capital, Orient Fortune Capital, iFlytek Venture Capital, Hongtai Fund, Zhengxuan Investment and Mianbi Intelligence. The practical test is whether the startup can turn camera-based edge AI into a consumer smart-home hub without relying on cloud processing.Impact Circle Turns Impact Finance Into a Japan Fintech Measurement TestFintech & Digital PaymentsJun 7, 2026Impact Circle Turns Impact Finance Into a Japan Fintech Measurement TestTokyo-based Impact Circle is building a fintech model that measures social impact through its own lending and visualization businesses. The company won the Tokyo Financial Award 2025 financial innovation category and raised 335 million yen in a November 2024 Series A round. The next signal is whether Impact Cloud IC can turn impact measurement into a repeatable workflow for investors and Japanese corporations.ByteDance Raises Volcano Engine AI Revenue Target on Seedance 2.0 DemandAIJun 7, 2026ByteDance Raises Volcano Engine AI Revenue Target on Seedance 2.0 DemandByteDance’s Volcano Engine raised its full-year MaaS revenue target to RMB 15 billion after Seedance 2.0 became a larger AI revenue contributor. Seedance 2.0 is described as generating more than RMB 1 billion in monthly revenue, while average daily token consumption has grown by nearly 40% month-on-month. The practical test is whether Volcano Engine can keep video-generation usage converting into paid token consumption beyond high-usage content segments.Microsoft Uses Build 2026 to Push Agents Beyond CopilotAIJun 7, 2026Microsoft Uses Build 2026 to Push Agents Beyond CopilotMicrosoft used its Build 2026 keynote to introduce MAI models, Project Soltera and Microsoft Scout as part of a broader agent strategy. MAI-Thinking-1 is described as a 35-billion-parameter reasoning model with a 128,000-context window for multi-step instructions, long-context reasoning and code generation. The announcement gives Microsoft a clearer agent roadmap, but the source does not provide customer rollout data, pricing or enterprise adoption evidence.