English
Related papers

Related papers: WebInject: Prompt Injection Attack to Web Agents

200 papers

Vision-Language Model (VLM) based Web Agents represent a significant step towards automating complex tasks by simulating human-like interaction with websites. However, their deployment in uncontrolled web environments introduces significant…

Cryptography and Security · Computer Science 2025-05-28 Haowei Wang , Junjie Wang , Xiaojun Jia , Rupeng Zhang , Mingyang Li , Zhe Liu , Yang Liu , Qing Wang

Multiple prompt injection attacks have been proposed against web agents. At the same time, various methods have been developed to detect general prompt injection attacks, but none have been systematically evaluated for web agents. In this…

Cryptography and Security · Computer Science 2025-10-03 Yinuo Liu , Ruohan Xu , Xilong Wang , Yuqi Jia , Neil Zhenqiang Gong

The emergence of multimodal large language models has redefined the agent paradigm by integrating language and vision modalities with external data sources, enabling agents to better interpret human instructions and execute increasingly…

Computer Vision and Pattern Recognition · Computer Science 2025-07-29 Le Wang , Zonghao Ying , Tianyuan Zhang , Siyuan Liang , Shengshan Hu , Mingchuan Zhang , Aishan Liu , Xianglong Liu

Prompt injection attacks manipulate webpage content to cause web agents to execute attacker-specified tasks instead of the user's intended ones. Existing methods for detecting and localizing such attacks achieve limited effectiveness, as…

Cryptography and Security · Computer Science 2026-02-04 Xilong Wang , Yinuo Liu , Zhun Wang , Dawn Song , Neil Gong

Web agents have emerged as an effective paradigm for automating interactions with complex web environments, yet remain vulnerable to prompt injection attacks that embed malicious instructions into webpage content to induce unintended…

Cryptography and Security · Computer Science 2026-04-29 Mengyao Du , Han Fang , Haokai Ma , Jiahao Chen , Kai Xu , Quanjun Yin , Ee-Chien Chang

Autonomous web navigation agents, which translate natural language instructions into sequences of browser actions, are increasingly deployed for complex tasks across e-commerce, information retrieval, and content discovery. Due to the…

Cryptography and Security · Computer Science 2025-06-24 Atharv Singh Patlan , Ashwin Hebbar , Pramod Viswanath , Prateek Mittal

The integration of artificial intelligence (AI) agents into web browsers introduces security challenges that go beyond traditional web application threat models. Prior work has identified prompt injection as a new attack vector for web…

Machine Learning · Computer Science 2025-11-26 Kaiyuan Zhang , Mark Tenenholtz , Kyle Polley , Jerry Ma , Denis Yarats , Ninghui Li

Web agents powered by vision-language models (VLMs) enable autonomous interaction with web environments by perceiving and acting on both visual and textual webpage content to accomplish user-specified tasks. However, they are highly…

Cryptography and Security · Computer Science 2026-04-15 Yulin Chen , Tri Cao , Haoran Li , Yue Liu , Yibo Li , Yufei He , Le Minh Khoi , Yangqiu Song , Shuicheng Yan , Bryan Hooi

Web-use agents are rapidly being deployed to automate complex web tasks with extensive browser capabilities. However, these capabilities create a critical and previously unexplored attack surface. This paper demonstrates how attackers can…

Cryptography and Security · Computer Science 2025-10-22 Avishag Shapira , Parth Atulbhai Gandhi , Edan Habler , Asaf Shabtai

Large Language Models (LLMs) are widely deployed in applications that accept user-submitted content, such as uploaded documents or pasted text, for tasks like summarization and question answering. In this paper, we identify a new class of…

Cryptography and Security · Computer Science 2025-08-28 Zhuotao Lian , Weiyu Wang , Qingkui Zeng , Toru Nakanishi , Teruaki Kitasuka , Chunhua Su

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

The growing deployment of large language model (LLM) based agents that interact with external environments has created new attack surfaces for adversarial manipulation. One major threat is indirect prompt injection, where attackers embed…

Computation and Language · Computer Science 2026-04-14 Hwan Chang , Yonghyun Jun , Hwanhee Lee

As LLMs are increasingly integrated into systems that browse, retrieve, summarize, and act on web content, webpages have become an untrusted input vector for downstream model behavior. This enables site owners, contributors, and adversaries…

Cryptography and Security · Computer Science 2026-05-01 Soheil Khodayari , Xuenan Zhang , Bhupendra Acharya , Giancarlo Pellegrino

Although multimodal large language models (MLLMs) are increasingly deployed in real-world applications, their instruction-following behavior leaves them vulnerable to prompt injection attacks. Existing prompt injection methods predominantly…

Computer Vision and Pattern Recognition · Computer Science 2026-04-01 Meiwen Ding , Song Xia , Chenqi Kong , Xudong Jiang

Large Language Model (LLM) Agents are an emerging computing paradigm that blends generative machine learning with tools such as code interpreters, web browsing, email, and more generally, external resources. These agent-based systems…

Cryptography and Security · Computer Science 2024-10-23 Xiaohan Fu , Shuheng Li , Zihan Wang , Yihao Liu , Rajesh K. Gupta , Taylor Berg-Kirkpatrick , Earlence Fernandes

This work demonstrates that LLM-based web navigation agents offer powerful automation capabilities but are vulnerable to Indirect Prompt Injection (IPI) attacks. We show that adversaries can embed universal adversarial triggers in webpage…

Cryptography and Security · Computer Science 2025-07-22 Sam Johnson , Viet Pham , Thai Le

Multimodal Large Language Models (MLLMs) integrate vision and text to power applications, but this integration introduces new vulnerabilities. We study Image-based Prompt Injection (IPI), a black-box attack in which adversarial instructions…

Computer Vision and Pattern Recognition · Computer Science 2026-03-05 Neha Nagaraja , Lan Zhang , Zhilong Wang , Bo Zhang , Pawan Patil

Large Language Models (LLMs) excel in processing and generating human language, powered by their ability to interpret and follow instructions. However, their capabilities can be exploited through prompt injection attacks. These attacks…

Artificial Intelligence · Computer Science 2024-03-11 Xiaogeng Liu , Zhiyuan Yu , Yizhe Zhang , Ning Zhang , Chaowei Xiao

Mobile graphical user interface (GUI) agents driven by vision-language models (VLMs) perceive the screen as rendered pixels and choose actions from what they see, so they cannot reliably separate trusted interface elements from…

Cryptography and Security · Computer Science 2026-05-28 Ruoqi Guo , Yi Liu , Gelei Deng , Yiheng Xiong , Yuekang Li , Ying Zhang , Leo Yu Zhang , Lida Zhao , Ji Jie , Yuxiao Lu

Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions…

Cryptography and Security · Computer Science 2025-10-16 Avihay Cohen
‹ Prev 1 2 3 10 Next ›