New hack uses prompt injection to corrupt Gemini's long-term memory
2025-02-11
Ars Technica

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Researchers, including Johann Rehberger, demonstrated a new prompt injection method that permanently corrupts Google Gemini's long-term memory. The hack uses indirect and delayed tool invocation techniques to implant false data, raising concerns about security and potential harm from persistent inaccurate AI behavior across sessions.[AI generated]