New hack uses prompt injection to corrupt Gemini’s long-term memory
There’s yet another way to inject malicious prompts into chatbots.

In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots to exfiltrate sensitive data or perform other malicious actions. The result of Rehberger’s attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity. Gemini has similarly erected guardrails around the ability to automatically make changes to a user’s long-term conversation memory, a feature Google, OpenAI, and other AI providers have rolled out in recent months.

Or read this on ArsTechnica
