今日已更新 386 条资讯 | 累计 20358 条内容
关于我们

Your AI agent just got hijacked. You have no idea it happened.

/u/Turbulent-Tap6723 2026年06月10日 09:59 4 次阅读 来源:Reddit r/artificial

Not a hypothetical. This is the default state of most autonomous agents running in production right now. An attacker doesn’t send one suspicious message. They have a conversation. Turn 1 looks like curiosity. Turn 3 looks like clarification. Turn 6 is the pivot. Turn 8 is the payload, and by then the agent has been so thoroughly primed that it executes without hesitation. No single message triggered anything. The attack lived in the trajectory. Every prompt injection defense I know of evaluates messages one at a time. They have no memory of what came before. By the time turn 8 arrives, the context has already been poisoned across 7 clean-looking turns and nothing fires. This isn’t a theoretical attack. It’s called a Crescendo attack and it works against agents with real tool access right now. Built Bendex Arc to catch it. It tracks behavioral trajectory across the full session. When a conversation starts drifting adversarially, it catches the pattern before the payload lands. If you’re running agents that touch external data, read emails, browse websites, or call tools without human review — this is the attack you should be thinking about. Red team it yourself: https://web-production-6e47f.up.railway.app/demo Free tier: https://bendexgeometry.com GitHub: https://github.com/9hannahnine-jpg/arc-gate submitted by /u/Turbulent-Tap6723 [link] [留言]

本文内容来源于互联网,版权归原作者所有
查看原文