
Security Flaws Found in Popular AI Chat Platform Used by Businesses
Researchers discovered vulnerabilities in Dify, an AI workflow platform, that could let hackers read private AI conversations without permission.
Source: The Hacker News
Original headline: Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
Plain-English summary by GetCyberRight. Read the full report at the source above.
Security researchers at Zafran Security found four vulnerabilities in Dify, a popular open source platform that helps businesses build AI chatbot applications. The platform has more than 146,000 users on GitHub. These flaws, called DifyTap, could allow attackers to secretly read AI conversations from other customers' applications without needing a password or any authentication.
This means private business conversations with AI assistants could potentially be exposed. This affects businesses and developers who use Dify to create AI chatbot applications for their customers.
If you are a home user who simply uses ChatGPT, Google Gemini, or other mainstream AI chatbots directly, this specific vulnerability does not affect you. However, if you use an AI assistant provided by your employer or a business that might be built on the Dify platform, your conversations could have been at risk before the fix. If your company uses Dify or you know your workplace has custom AI chatbots, here is what to do:
- Contact your IT department or the company that provides your AI tools and ask if they use Dify and whether they have updated to the patched version.
- Review what information you have shared in AI chat conversations at work. Assume those conversations might not be fully private.
- Avoid putting highly sensitive information like passwords, social security numbers, or confidential business data into AI chatbots unless you are certain they are secure.

Going forward, treat AI chatbots with the same caution you use for email or text messages. Never assume any online conversation is completely private. Before sharing sensitive information with any AI assistant, ask who can access those conversations and how the data is protected. This applies whether you are using AI tools at work, at home, or on your phone.
Curated from trusted cybersecurity sources by GetCyberRight