// ChatgptMEDIUM
Threat actors are executing an active malvertising campaign leveraging ChatGPT's shared content and code-rendering features to host phishing pages on legitimate chatgpt.com/s/ domains. Victims lured via malicious Google ads and SEO poisoning are presented with fake service outage warnings prompting desktop app downloads, which deliver infostealer malware. The campaign exploits trusted ChatGPT domains and conditional rendering evasion to bypass security scanning. Both ChatGPT and Claude users are being targeted with variant attacks.
- Attackers Abuse Shared Content for ChatGPT Phishing Campaign - I(opens in a new tab)
- GlobalProtect VPN exploited, ChatGPT share links exploits, Feds (opens in a new tab)
- Attackers Abuse Shared Content for ChatGPT Phishing Campaign - I(opens in a new tab)
// Get alerts for Chatgpt