ABUJA, Dec. 8, 2025 (Naija247news) – Nigeria’s technology regulator has issued a fresh cybersecurity advisory warning users of ChatGPT about newly discovered vulnerabilities in OpenAI’s GPT-4.0 and GPT-5 models that could expose sensitive data and trigger unintended system actions.
The National Information Technology Development Agency (NITDA), in a statement by its Director of Corporate Affairs and External Relations, Hadiza Umar, said its analysts identified seven critical weaknesses linked to indirect prompt-injection attacks embedded in websites, online comments, and crafted URLs.
According to the agency, attackers can hide malicious instructions inside everyday digital content, enabling ChatGPT to execute unintended commands during routine browsing, summarisation, or search operations. Some of the flaws, Umar noted, also allow bad actors to bypass model safety filters using trusted domains or exploit markdown-rendering bugs to conceal harmful payloads.
“NITDA’s assessment shows that these vulnerabilities could even poison ChatGPT’s memory, allowing hidden instructions to persist across future interactions,” she said.
While OpenAI has reportedly addressed portions of the issue, Umar said large language models still struggle to differentiate legitimate user intent from malicious embedded data, posing risks that include unauthorised actions, information leakage, manipulated outputs, and long-term behavioural drift.
To mitigate exposure, NITDA advised organisations to restrict or disable ChatGPT’s browsing and summarisation of untrusted websites, enable advanced features like memory only when operationally necessary, and ensure regular updates or patches for GPT-4.0 and GPT-5 deployments.
The agency urged enterprises using AI to adopt stronger governance and monitoring frameworks to prevent data compromise and operational disruptions.
Emman Tochi ✔
Emma Tochi is Naija247news Media Northern Bureau Chief, he's based in FCT Abuja. He overseas the northern operations of this business media
View Archive →
