New Hack Uses Prompt Injection To Corrupt Gemini's Long-Term Memory


An anonymous reader quotes a report from Ars Technica: On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini -- specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when...

The result of Rehberger's attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity. Based on lessons learned previously, developers had already trained Gemini to resist indirect prompts instructing it to make changes to an account's long-term memories without explicit directions from the user. Google responded in a statement to Ars: "In this instance, the probability was low because it relied on phishing or otherwise tricking the user into summarizing a malicious document and then invoking the material injected by the attacker.
