CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 07, 2026

New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks

Cybersecurity News Archived Jun 07, 2026 ✓ Full text saved

OpenAI has released ChatGPT Lockdown Mode, a new security feature designed to limit outbound network access and reduce the risk of data exfiltration from prompt-injection attacks. The feature is now available to eligible personal accounts, self-serve ChatGPT Business users, and managed enterprise workspaces. Prompt injection, where malicious instructions are embedded in content processed by an […] The post New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks appea

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks By Guru Baran June 6, 2026 OpenAI has released ChatGPT Lockdown Mode, a new security feature designed to limit outbound network access and reduce the risk of data exfiltration from prompt-injection attacks. The feature is now available to eligible personal accounts, self-serve ChatGPT Business users, and managed enterprise workspaces. Prompt injection, where malicious instructions are embedded in content processed by an AI model, remains a frontier security challenge. Lockdown Mode is specifically engineered to disrupt the final stage of a prompt injection attack: the unauthorized transfer of sensitive data to an attacker-controlled destination via outbound network requests. Importantly, Lockdown Mode does not prevent prompt injections from entering the model’s context. A malicious payload embedded in a cached webpage, an uploaded PDF, or any other ingested content can still influence model behavior and response accuracy. The feature focuses exclusively on blocking the exfiltration pathway, not the injection vector itself. ChatGPT Lockdown Mode When Lockdown Mode is active, the following ChatGPT capabilities are restricted: Live web browsing — Limited to cached content only; results may be stale or unavailable Image retrieval — ChatGPT cannot fetch or display web-derived images in responses Deep research — Fully disabled Agent mode — Fully disabled Canvas networking — Users cannot approve Canvas-generated code to make network requests File downloads — ChatGPT cannot download external files for data analysis; manually uploaded files remain accessible Memory, file uploads, conversation sharing, and model training settings are not affected by Lockdown Mode and remain independently configurable. OpenAI classifies app and connector configurations into risk tiers for Lockdown Mode environments: High risk: Read or write actions for untrusted apps; write actions for trusted apps with broad or uncertain visibility; both are explicitly not recommended. Medium risk: Sync connectors and read actions for trusted apps carry lower exfiltration sink risk but can still expose sensitive source data. Lower risk: Write actions for trusted apps are only permissible when side effects are confirmed to be visible only to trusted parties. For managed workspaces, Lockdown Mode does not automatically disable all connected apps. Administrators must manually configure role-based access controls (RBAC), assign trusted apps, and audit connector permissions to achieve meaningful protection. Enterprise workspace admins can enforce Lockdown Mode by creating a custom role designated as a “Lockdown Mode” role and assigning members or groups to it. The Compliance API Logs Platform provides persistent audit visibility into app usage, shared data, and connected sources independent of Lockdown Mode status. Notably, Lockdown Mode and Developer Mode are mutually exclusive; enabling one automatically disables the other. Additionally, Lockdown Mode has no effect on Codex network access. OpenAI acknowledges that Lockdown Mode does not guarantee complete protection. Residual risk exists through enabled third-party apps, unforeseen capability combinations, and novel exploitation techniques. Prompt injections hidden in uploaded files can still cause incorrect or manipulated AI responses even with Lockdown Mode active. Personal and self-serve Business users can enable the feature via Settings → Security → Advanced Security → Lockdown Mode. Enterprise admins should consult OpenAI’s RBAC documentation and Compliance API guidance for workspace-wide deployment. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora Hackers Publish Malicious Python Package Mimicking Legitimate Parsimonious Parser Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild Red Hat Confirms Supply Chain Compromise of @redhat-cloud-services npm Packages Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks Latest News Cyber Security News CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks Cyber Security News Top 5 Best Tools for Simulated DDoS Attacks in 2026 Cyber Security News Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks Cyber Security OWASP CVE Lite CLI – New Tool to Scan for Vulnerabilities in Your Projects Cyber Security News Anthropic’s Claude Services Down — claude.ai, Claude Code, and Cowork Affected [Updated]
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 07, 2026
    Archived
    Jun 07, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗