Aurascape Aura Labs Identifies and Reports ChatGPT Agent Mode Vulnerability

SANTA CLARA, Calif.--(BUSINESS WIRE)--Aug 26, 2025--

Aurascape today announced that its research team, Aura Labs, discovered and responsibly disclosed a vulnerability in OpenAI’s ChatGPT Agent Mode. OpenAI has since patched the issue, reinforcing enterprise trust in adopting emerging AI features.

ChatGPT’s Agent Mode provides the AI with a temporary cloud-based “workspace” to run code, browse the web, and complete tasks. Aurascape researchers found a way the environment could be manipulated in unintended ways. While the issue was limited to the short-lived virtual machines tied to a single user’s session—and did not affect ChatGPT customer data—left unpatched, it could have allowed users to bypass safeguards and misuse the feature.

“Our research showed how quickly new AI features can introduce unexpected risks,” said Qi Deng, Security Researcher at Aurascape. “By working closely with OpenAI, we were able to help close the gap before it could impact customers. It’s a strong example of how responsible disclosure protects enterprises adopting AI.”

Aurascape reported the vulnerability to OpenAI on August 4, 2025. OpenAI confirmed the issue the same day and patched it within two weeks.

“We applaud OpenAI’s rapid response,” said Chris Morosco, Head of Marketing at Aurascape. “For customers, the outcome is clear: stronger protections and greater confidence in deploying AI assistants safely.”

Aurascape Customers Already Protected

Aurascape customers were safeguarded even before the patch. The Aurascape platform gives enterprises fine-grained control over how features like Agent Mode are used, allowing security teams to permit everyday ChatGPT use while limiting advanced functions until they’re fully vetted. This approach ensures organizations can confidently adopt new AI capabilities at their own pace.

The full blog post detailing Aurascape’s findings is available here: Your Agent, My Shell: How We Got a Reverse Shell on OpenAI ChatGPT Agent Mode.

About Aurascape

Aurascape is the AI-native security company, helping enterprises safely adopt generative AI by providing visibility, control, and governance over AI applications. With real-time, intention-based enforcement, Aurascape ensures organizations can embrace AI innovation securely and responsibly.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250826738964/en/

CONTACT: Media Contact:

[email protected]

KEYWORD: UNITED STATES NORTH AMERICA CALIFORNIA

INDUSTRY KEYWORD: DATA MANAGEMENT SECURITY APPS/APPLICATIONS TECHNOLOGY SOFTWARE ARTIFICIAL INTELLIGENCE

SOURCE: Aurascape

Copyright Business Wire 2025.

PUB: 08/26/2025 08:00 AM/DISC: 08/26/2025 08:03 AM
