Key Findings Permiso Security discovered ChatGPhish, a vulnerability in ChatGPT that exploits the AI's trust in Markdown links and images to enable prompt injection and phishing attacks Attackers can embed malicious payloads in web pages that ChatGPT summarizes, causing automatic image fetching that leaks user IP addresses, User-Agent data, and Referer information The vulnerability transforms ChatGPT's response interface into a phishing surface by rendering malicious links, f