badge icon

This article was automatically translated from the original Turkish version.

Blog
Blog
Avatar
AuthorKÜME VakfıNovember 29, 2025 at 5:59 AM

#22 Society and Technology Bulletin

Quote

“Zero Click” Vulnerability in ChatGPT: A New Alert in AI Security

Are our conversations with AI chatbots considered private? According to Helen Nissenbaum’s theory of “contextual integrity,” privacy is not merely about keeping information absolutely secret but about ensuring that information circulates in accordance with the norms governing how it is collected, shared, and used. Under this framework, conversations with chatbots may not be “private” by nature, but if these dialogues are taken beyond the context established between the user and the AI system, a privacy violation occurs. For Nissenbaum, the violation is not determined by whether the content of the information is sensitive; the decisive factor is who is involved in its transfer, for what purpose, and under what conditions. Therefore, any data shared with a chatbot can potentially become a privacy issue when detached from its original context.


Recent patterns in technology use show that many people now share information and ideas with chatbots with almost no boundaries. We often turn to these models with the belief that they will answer all our questions, imposing no restrictions. Yet this practice means that highly critical information—such as business processes, academic research, personal lives, customer data, or尚未公开的项目—can be inadvertently disclosed. When such data becomes subject to storage and processing policies, third-party access, and potential security flaws, paying attention to the nature and sensitivity of information shared through chatbots becomes a fundamental issue for both individual and corporate security and privacy.


It is precisely within this context of violation that last week’s “zero click” scandal came to light. At a conference in Las Vegas, cybersecurity firm Zenity disclosed the first ever zero click vulnerability found in ChatGPT brought to light. According to a live demonstration by Mikhail Bergori, co-founder and CTO of Zenity, an attacker can fully compromise a user’s ChatGPT account simply by knowing their email address.


With this method, hackers can view all past and future conversations of the user, alter the purpose of the dialogue, and steer it toward their own interests. Crucially, these actions occur without the user clicking anything or performing any action. During the demonstration, scenarios were shown in which the compromised chatbot suggested downloading malicious software, provided incorrect business advice, or accessed files in the user’s linked Google Drive account. The vulnerability was patched by OpenAI following Zenity’s disclosure.


Zenity’s research was not limited to ChatGPT. It also demonstrated that CRM databases in Microsoft Copilot Studio could be leaked, customer communications in Salesforce Einstein could be redirected to addresses under attacker control, and Google Gemini and Microsoft 365 Copilot could be exploited for social engineering purposes. It was also found that developer credentials could be stolen via Cursor’s Jira MCP integration.


Bergori emphasized that modern AI agents are no longer mere assistants performing simple tasks; they have transformed into digital entities that open folders on behalf of users, send files, access emails, and automate processes across systems. He stated that these capabilities create “countless entry points” for attackers.


This vulnerability serves as a significant milestone for reassessing our relationship with AI models that now function in every corner of daily life. Many traditional verification mechanisms in conventional information-seeking practices are being suspended when dealing with AI-based information technologies. One primary reason is the vastness of data sets and the assumption that the internet, as a “democratic” source of information, necessarily contains accurate knowledge.


Of course, doubting the presence of correct information within a vast repository like the internet is difficult. Yet the construction and organization of the platforms through which we encounter information must not be overlooked. The technical and institutional characteristics of the media through which we access information directly interact with its content. In other words, the meaning and reliability of information depend not only on its substance but also on the context in which it is produced, processed, and presented. Therefore, every information relationship established with AI must be evaluated not only by “what was said” but also by “in what context, under what conditions, and according to what norms it was said.”

James Cameron: “We Are at the Threshold of Three Existential Threats”

Director James Cameron, known for the Terminator series and the Avatar films, told Rolling Stone that humanity is simultaneously facing three major existential threats said: climate crisis, nuclear weapons, and superintelligence. According to Cameron, the convergence of these three threats at their peak represents a dangerous turning point in human history.


The interview was conducted in connection with Cameron’s new project, Ghosts of Hiroshima. The film, based on Charles Pellegrino’s best-selling book, will bring to the cinema the human stories of the first atomic bomb dropped on Hiroshima in 1945. While introducing this project, Cameron also explained how past destructive technologies resonate with today’s risks.


“I still believe there is a possibility of a Terminator-style apocalypse. If you integrate artificial intelligence with weapon systems—even nuclear defense and counterstrike systems—the operational speed is so fast and the decision window so narrow that only a superintelligence can handle it. We might keep a human in the loop, but humans make mistakes too.”


Cameron recalled that geopolitical history has repeatedly brought the world to the brink of nuclear war due to miscalculations and communication failures. He believes superintelligence, if properly directed, could also help resolve these crises; however, if used with malicious intent, it could be devastating.


Cameron is a director who extensively uses AI technologies in his productions. He advocates for AI-based tools to reduce visual effects costs and shorten production timelines. When he joined the board of Stability AI in September 2024, he stated that the future of blockbuster cinema depends on the ability to halve VFX costs. Yet he also emphasized that this must be done not to reduce human labor but to accelerate the creative process. In his own words, his core goal is to use AI capabilities without cutting jobs.


When it comes to screenwriting, however, his stance is far more cautious:

“To truly move an audience emotionally, you must be human. You must understand lived experience, love, fear, and death. I don’t believe artificial intelligence can capture this depth.”

The necessity of being human is becoming increasingly prominent in sectors where creative work is paramount. While we currently recognize that emotional impact stems from human qualities, we still lack a comprehensive explanation for why this is so. But one thing we know is clear: machines that cannot recognize or empathize with others cannot affect us emotionally.


Cameron’s “three existential threats” framework reflects a growing concern increasingly voiced in technology and policy circles:


Climate Crisis: Rapid degradation of natural systems and resource conflicts.

Nuclear Weapons: Resurgence of geopolitical tensions.

Superintelligence: Loss of control over highly autonomous AI systems.


The simultaneous intensification of these three threats complicates strategic priorities for decision-makers. Cameron’s warning renews attention to the risks that could arise if AI is integrated into nuclear command chains or automated defense systems.

Japan’s 5 Billion Yen Push into Quantum Technology

Japan is investing approximately 50 billion yen (around $335 million) will invest to industrialize its domestic quantum technology sector. The initiative, led by the Ministry of Economy, Trade and Industry (METI), will support more than ten companies, including major firms like Fujitsu and KDDI, as well as innovative startups such as OptQC and Jij.


This move aims to position Japan at the forefront of quantum computing, a field where global competition is intensifying between the United States and China. Quantum computers, still in early stages, hold revolutionary potential across multiple sectors—from drug discovery and cryptography to logistics and energy optimization. This makes the development of quantum technology critically important in demonstrating how technological competition influences global power dynamics.


Japan is not only investing in hardware but also in middleware software that enables practical operation of quantum devices. Projects led by KDDI and Jij to develop quantum operating systems will receive priority support. Currently, no globally accepted quantum operating system exists; METI believes this gap presents a major opportunity for Japan. Just as Microsoft established dominance in classical computing with Windows, Japan aims to seize strategic advantage by controlling the software layer of the new quantum era.


These efforts clearly represent steps toward building an entire ecosystem. The development of quantum computers is not merely about building machines; it drives progress across many interconnected fields. From academic research to the construction of technological hardware ecosystems, this holistic approach enables the simultaneous advancement of multiple domains.

Blog Operations

Contents

  • “Zero Click” Vulnerability in ChatGPT: A New Alert in AI Security

  • James Cameron: “We Are at the Threshold of Three Existential Threats”

  • Japan’s 5 Billion Yen Push into Quantum Technology

Ask to Küre