AI providers plug metadata leak that exposed encrypted chat topics

Microsoft has disclosed a new side-channel attack that could let eavesdroppers infer chat topics even through end-to-end encryption.

Although there is no indication that the attack has been exploited in the wild, major AI chatbot providers have rolled out defences to protect users' privacy.

OpenAI, Microsoft, Mistral and xAI have all deployed mitigations against the "Whisper Leak" attack, which exploits the pattern of encrypted packet sizes and timing during streaming responses.

Whisper Leak is based on a fundamental characteristic of streaming language models rather than an implementation flaw.

The vulnerability exploits how large language models generate responses token by token, creating distinctive digital fingerprints that machine learning classifiers can identify with high accura