English
Related papers

Related papers: Context manipulation attacks : Web agents are susc…

200 papers

AI agents integrated with Web3 offer autonomy and openness but raise security concerns as they interact with financial protocols and immutable smart contracts. This paper investigates the vulnerabilities of AI agents within blockchain-based…

Cryptography and Security · Computer Science 2025-07-10 Atharv Singh Patlan , Peiyao Sheng , S. Ashwin Hebbar , Prateek Mittal , Pramod Viswanath

The integration of artificial intelligence (AI) agents into web browsers introduces security challenges that go beyond traditional web application threat models. Prior work has identified prompt injection as a new attack vector for web…

Machine Learning · Computer Science 2025-11-26 Kaiyuan Zhang , Mark Tenenholtz , Kyle Polley , Jerry Ma , Denis Yarats , Ninghui Li

Indirect prompt injection threatens LLM agents by embedding malicious instructions in external content, enabling unauthorized actions and data theft. LLM agents maintain working memory through their context window, which stores interaction…

Cryptography and Security · Computer Science 2026-02-10 Ruoyao Wen , Hao Li , Chaowei Xiao , Ning Zhang

Web-use agents are rapidly being deployed to automate complex web tasks with extensive browser capabilities. However, these capabilities create a critical and previously unexplored attack surface. This paper demonstrates how attackers can…

Cryptography and Security · Computer Science 2025-10-22 Avishag Shapira , Parth Atulbhai Gandhi , Edan Habler , Asaf Shabtai

Memory makes LLM-based web agents personalized, powerful, yet exploitable. By storing past interactions to personalize future tasks, agents inadvertently create a persistent attack surface that spans websites and sessions. While existing…

Cryptography and Security · Computer Science 2026-04-08 Wei Zou , Mingwen Dong , Miguel Romero Calvo , Shuaichen Chang , Jiang Guo , Dongkyu Lee , Xing Niu , Xiaofei Ma , Yanjun Qi , Jiarong Jiang

AI agents, predominantly powered by large language models (LLMs), are vulnerable to indirect prompt injection, in which malicious instructions embedded in untrusted data can trigger dangerous agent actions. This position paper discusses our…

Cryptography and Security · Computer Science 2026-04-01 Chong Xiang , Drew Zagieboylo , Shaona Ghosh , Sanjay Kariyappa , Kai Greshake , Hanshen Xiao , Chaowei Xiao , G. Edward Suh

Large language models (LLMs) have transformed the development of embodied intelligence. By providing a few contextual demonstrations, developers can utilize the extensive internal knowledge of LLMs to effortlessly translate complex tasks…

Artificial Intelligence · Computer Science 2024-08-07 Aishan Liu , Yuguang Zhou , Xianglong Liu , Tianyuan Zhang , Siyuan Liang , Jiakai Wang , Yanjun Pu , Tianlin Li , Junqi Zhang , Wenbo Zhou , Qing Guo , Dacheng Tao

The growing deployment of large language model (LLM) based agents that interact with external environments has created new attack surfaces for adversarial manipulation. One major threat is indirect prompt injection, where attackers embed…

Computation and Language · Computer Science 2026-04-14 Hwan Chang , Yonghyun Jun , Hwanhee Lee

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions…

Cryptography and Security · Computer Science 2025-10-16 Avihay Cohen

Prompt injection is the most critical vulnerability in deployed AI agents. Despite recent progress, we show that the prevailing defense paradigm (data-instruction separation) both fails to detect attacks that operate through contextual…

Cryptography and Security · Computer Science 2026-05-19 Sahar Abdelnabi , Eugene Bagdasarian

Multi-modal large language model (MLLM)-based web agents interact with webpage environments by generating actions based on screenshots of the webpages. In this work, we propose WebInject, a prompt injection attack that manipulates the…

Machine Learning · Computer Science 2025-10-20 Xilong Wang , John Bloch , Zedian Shao , Yuepeng Hu , Shuyan Zhou , Neil Zhenqiang Gong

Large language models (LLMs) are now routinely used to autonomously execute complex tasks, from natural language processing to dynamic workflows like web searches. The usage of tool-calling and Retrieval Augmented Generation (RAG) allows…

Cryptography and Security · Computer Science 2026-04-13 Dennis Rall , Bernhard Bauer , Mohit Mittal , Thomas Fraunholz

Web agents powered by vision-language models (VLMs) enable autonomous interaction with web environments by perceiving and acting on both visual and textual webpage content to accomplish user-specified tasks. However, they are highly…

Cryptography and Security · Computer Science 2026-04-15 Yulin Chen , Tri Cao , Haoran Li , Yue Liu , Yibo Li , Yufei He , Le Minh Khoi , Yangqiu Song , Shuicheng Yan , Bryan Hooi

Computer agents powered by vision-language models (VLMs) have significantly advanced human-computer interaction, enabling users to perform complex tasks through natural language instructions. However, these agents are vulnerable to context…

Artificial Intelligence · Computer Science 2025-03-13 Pei Yang , Hai Ci , Mike Zheng Shou

Memory poisoning attacks for Agentic AI and multi-agent systems (MAS) have recently caught attention. It is partially due to the fact that Large Language Models (LLMs) facilitate the construction and deployment of agents. Different memory…

Cryptography and Security · Computer Science 2026-03-24 Vicenç Torra , Maria Bras-Amorós

Large Language Models (LLMs) are increasingly deployed as agentic systems that plan, memorize, and act in open-world environments. This shift brings new security problems: failures are no longer only unsafe text generation, but can become…

Cryptography and Security · Computer Science 2026-03-03 Zhihang Deng , Jiaping Gui , Weinan Zhang

Agentic large language model systems increasingly automate tasks by retrieving URLs and calling external tools. We show that this workflow gives rise to implicit prompt injection: adversarial instructions embedded in automatically generated…

Cryptography and Security · Computer Science 2026-02-27 Qianlong Lan , Anuj Kaul , Shaun Jones , Stephanie Westrum

Large Language Models (LLMs) are increasingly being integrated into various applications. The functionalities of recent LLMs can be flexibly modulated via natural language prompts. This renders them susceptible to targeted adversarial…

Cryptography and Security · Computer Science 2023-05-08 Kai Greshake , Sahar Abdelnabi , Shailesh Mishra , Christoph Endres , Thorsten Holz , Mario Fritz

Large Language Model (LLM) Agents are an emerging computing paradigm that blends generative machine learning with tools such as code interpreters, web browsing, email, and more generally, external resources. These agent-based systems…

Cryptography and Security · Computer Science 2024-10-23 Xiaohan Fu , Shuheng Li , Zihan Wang , Yihao Liu , Rajesh K. Gupta , Taylor Berg-Kirkpatrick , Earlence Fernandes
‹ Prev 1 2 3 10 Next ›