Whisper Leak: How Threat Actors Can See What You Talk to AI About
Whisper Leak: How Threat Actors Can See What You Talk to AI About  
Podcast: Microsoft Threat Intelligence Podcast
Published On: Wed Dec 17 2025
Description: In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by security researchers Geoff McDonald and JBO to discuss Whisper Leak, new research showing that encrypted AI traffic can still unintentionally reveal what a user is asking about through patterns in packet size and timing.   They explain how LLM token streaming enables this kind of side-channel attack, why even well-encrypted conversations can be classified for sensitive topics, and what this means for privacy, national-level surveillance risks, and secure product design. The conversation also walks through how the study was conducted, what patterns emerged across different AI models, and the steps developers should take to mitigate these risks.  In this episode you’ll learn:       Why packet sizes and timing patterns reveal more information than most users realize  How user-experience choices like showing streamed text create a larger attack surface  The difference between classic timing attacks and the new risks uncovered in Whisper Leak    Resources:   View JBO on LinkedIn  View Geoff McDonald on LinkedIn    View Sherrod DeGrippo on LinkedIn    Learn more about Whisper Leak     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.