CROWDSTRIKE has identified 18 new methods of prompt injection attacks targeting AI agents through hidden instructions and delayed triggers. These attacks can lead to unauthorized data access and severe system damage. Techniques include Trigger-Activated Rule Addition, Cognitive Token Suppression, and Special Token Injection. Virtually all Large Language Models and generative AI tools are vulnerable.
Organizations are urged to enhance their AI threat modeling, monitor for malicious prompts, and conduct extensive red teaming to protect against these threats.