English
Related papers

Related papers: MemMorph: Tool Hijacking in LLM Agents via Memory …

200 papers

Large language model (LLM) agents increasingly leverage long term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject…

Cryptography and Security · Computer Science 2026-05-29 Hongtao Wang , Se Yang , Yu Chen , Puzhuo Liu

Large Language Model (LLM) agents increasingly rely on long-term memory and Retrieval-Augmented Generation (RAG) to persist experiences and refine future performance. While this experience learning capability enhances agentic autonomy, it…

Cryptography and Security · Computer Science 2025-12-22 Saksham Sahai Srivastava , Haoyu He

Modern LLM agents combine long-term memory for personalization with tool-calling interfaces for taking actions in the world -- a combination underpinning contemporary production systems. We study a previously unexamined failure of this…

Cryptography and Security · Computer Science 2026-05-26 Mahavir Dabas , Jihyun Jeong , Ming Jin , Ruoxi Jia

Safety evaluations of memory-equipped LLM agents typically measure within-task safety: whether an agent completes a single scenario safely, often under adversarial conditions such as prompt injection or memory poisoning. In deployment,…

Artificial Intelligence · Computer Science 2026-05-19 Ahmad Al-Tawaha , Shangding Gu , Peizhi Niu , Ruoxi Jia , Ming Jin

Memory makes LLM-based web agents personalized, powerful, yet exploitable. By storing past interactions to personalize future tasks, agents inadvertently create a persistent attack surface that spans websites and sessions. While existing…

Cryptography and Security · Computer Science 2026-04-08 Wei Zou , Mingwen Dong , Miguel Romero Calvo , Shuaichen Chang , Jiang Guo , Dongkyu Lee , Xing Niu , Xiaofei Ma , Yanjun Qi , Jiarong Jiang

Agents powered by large language models (LLMs) have demonstrated strong capabilities in a wide range of complex, real-world applications. However, LLM agents with a compromised memory bank may easily produce harmful outputs when the past…

Machine Learning · Computer Science 2026-02-16 Shen Dong , Shaochen Xu , Pengfei He , Yige Li , Jiliang Tang , Tianming Liu , Hui Liu , Zhen Xiang

Memory poisoning attacks for Agentic AI and multi-agent systems (MAS) have recently caught attention. It is partially due to the fact that Large Language Models (LLMs) facilitate the construction and deployment of agents. Different memory…

Cryptography and Security · Computer Science 2026-03-24 Vicenç Torra , Maria Bras-Amorós

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. This statefulness introduces a new security risk:…

Cryptography and Security · Computer Science 2026-05-19 Sidharth Pulipaka , Stanislau Hlebik , Leonidas Raghav , Sahar Abdelnabi , Vyas Raina , Ivaxi Sheth , Mario Fritz

Modern agentic systems allow Large Language Model (LLM) agents to tackle complex tasks through extensive tool usage, forming structured control flows of tool selection and execution. Existing security analyses often treat these control…

Cryptography and Security · Computer Science 2026-05-12 Zhenlin Xu , Xiaogang Zhu , Yu Yao , Minhui Xue , Yiliao Song

Research on large language model (LLM) security is shifting from "will the model leak training data" to a more consequential question: can an agent with persistent, long-term memory be continuously shaped, cross-session poisoned, accessed…

Cryptography and Security · Computer Science 2026-04-21 Zehao Lin , Chunyu Li , Kai Chen

Indirect prompt injection threatens LLM agents by embedding malicious instructions in external content, enabling unauthorized actions and data theft. LLM agents maintain working memory through their context window, which stores interaction…

Cryptography and Security · Computer Science 2026-02-10 Ruoyao Wen , Hao Li , Chaowei Xiao , Ning Zhang

Large Language Model (LLM) agents use memory to learn from past interactions, enabling autonomous planning and decision-making in complex environments. However, this reliance on memory introduces a critical security risk: an adversary can…

Cryptography and Security · Computer Science 2025-10-06 Qianshan Wei , Tengchao Yang , Yaochen Wang , Xinfeng Li , Lijun Li , Zhenfei Yin , Yi Zhan , Thorsten Holz , Zhiqiang Lin , XiaoFeng Wang

Large language model agents equipped with persistent memory are vulnerable to memory poisoning attacks, where adversaries inject malicious instructions through query only interactions that corrupt the agents long term memory and influence…

Cryptography and Security · Computer Science 2026-01-13 Balachandra Devarangadi Sunil , Isheeta Sinha , Piyush Maheshwari , Shantanu Todmal , Shreyan Mallik , Shuchi Mishra

Large language model (LLM) agents have demonstrated remarkable capabilities in complex reasoning and decision-making by leveraging external tools. However, this tool-centric paradigm introduces a previously underexplored attack surface,…

Artificial Intelligence · Computer Science 2026-01-08 Kanghua Mo , Li Hu , Yucheng Long , Zhihao Li

Self-evolving LLM agents update their internal state across sessions, often by writing and reusing long-term memory. This design improves performance on long-horizon tasks but creates a security risk: untrusted external content observed…

Cryptography and Security · Computer Science 2026-03-06 Xianglin Yang , Yufei He , Shuo Ji , Bryan Hooi , Jin Song Dong

Large language model agents increasingly rely on persistent memory to store past interactions, retrieve relevant demonstrations, and improve long-horizon task execution. However, this memory mechanism also creates a practical security…

Artificial Intelligence · Computer Science 2026-05-25 Zhewen Tan , Yilun Yao , Huiyan Jin , Wenhan Yu , Guoan Wang , Mengyuan Fan , liang lu , Feng Liu , Xiangzheng Zhang , Duohe Ma , Tong Yang , Lin Sun

Tool selection is a key component of LLM agents. A popular approach follows a two-step process - \emph{retrieval} and \emph{selection} - to pick the most appropriate tool from a tool library for a given task. In this work, we introduce…

Cryptography and Security · Computer Science 2025-08-26 Jiawen Shi , Zenghui Yuan , Guiyao Tie , Pan Zhou , Neil Zhenqiang Gong , Lichao Sun

Tool-use large language model (LLM) agents are increasingly deployed to support sensitive workflows, relying on tool calls for retrieval, external API access, and session memory management. While prior research has examined various threats,…

Cryptography and Security · Computer Science 2026-04-08 Wuyang Zhang , Shichao Pei

Large language model (LLM)-based agents combine LLMs with external tools to automate tasks such as scheduling meetings, managing documents, or booking travel. While these integrations unlock powerful capabilities, they also create new and…

Cryptography and Security · Computer Science 2026-04-22 Jonathan Evertz , Merlin Chlosta , Lea Schönherr , Thorsten Eisenhofer

Large Language Models (LLMs) based agents excel at diverse tasks, yet they suffer from brittle procedural memory that is manually engineered or entangled in static parameters. In this work, we investigate strategies to endow agents with a…

Computation and Language · Computer Science 2026-04-16 Runnan Fang , Yuan Liang , Xiaobin Wang , Jialong Wu , Shuofei Qiao , Pengjun Xie , Fei Huang , Huajun Chen , Ningyu Zhang
‹ Prev 1 2 3 10 Next ›