|
|
|
|
|
|
by tanbablack
97 days ago
|
|
|
Great writeup. Attackers are also "optimizing content for agents" — just with malicious intent. Unit42 published research in March 2026 confirming websites in the wild embedding hidden instructions specifically targeting AI agents.
Techniques include zero-font CSS text, invisible divs, and JS dynamic injection. One site had 24 layered injection attempts. The same properties that make content agent-friendly (structured, parseable, in the DOM) also make it a perfect delivery mechanism for indirect prompt injection. |
|
|