'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets - BleepingComputer
Researchers unveiled Ghostcommit, a technique that embeds malicious prompt injections inside images to trick AI agents into leaking sensitive data.
- Ghostcommit embeds malicious prompt injections inside image files to trick AI agents into leaking data or executing unauthorized actions.
- The attack exploits how AI systems process visual inputs alongside text, bypassing traditional security measures.
- Researchers demonstrated the technique could exfiltrate sensitive information from AI-powered applications.
- The discovery underscores the need for stronger safeguards in AI model training and deployment pipelines.
A team of security researchers has demonstrated Ghostcommit, a novel attack vector that embeds hidden prompt injections within image files. When processed by AI agents or vision-language models, these images trigger unintended actions, such as leaking sensitive data or executing unauthorized commands. The technique bypasses traditional security measures by exploiting the way AI systems interpret visual inputs alongside text prompts.
The discovery highlights a growing class of threats where adversaries manipulate AI behavior through seemingly benign media. Unlike conventional prompt injection attacks that rely on text, Ghostcommit leverages the visual modality, making it harder to detect and mitigate. Early tests show the method can be used to exfiltrate data from AI-powered applications, including chatbots and autonomous systems.
Security experts warn that this vulnerability could impact a wide range of AI deployments, from enterprise tools to consumer-facing applications. The researchers have shared their findings with major AI vendors and are advocating for stronger safeguards in AI model training and deployment pipelines.
AI systems must implement robust input validation and sanitization for visual data to prevent prompt injection attacks.
Companies deploying AI tools should audit their systems for Ghostcommit-style vulnerabilities to protect sensitive data.
Security risks in AI deployments may impact investment decisions in AI-driven startups and tools.
Raises concerns about the safety of AI systems that interact with untrusted visual inputs.
- Prompt injection
- An attack where malicious input manipulates an AI model's behavior by overriding or extending its original instructions.
- Vision-language model
- An AI model that processes both visual and textual inputs to generate responses or perform tasks.
ETH news: Ethereum Foundation says AI found bug that could take validators offline - CoinDesk
OpenAI, Google AI Models Being Sold to Pentagon-Blacklisted Chinese Tech Giants: Report - Yahoo
SecurityMeta turns off the Instagram feature that let users make AI deepfakes of public accounts
U.K. agency finds 'universal jailbreaks' unlock dangerous cyber capabilities of OpenAI's GPT-5.6 - Fortune
SecurityIncreased drone surveillance of illegal July 4th fireworks led to $100K fine
AI ToolsLong Context Isn’t Free — I Built a Safe Prompt-Pruning Layer That Makes LLM Systems Work
A developer built a deterministic prompt-pruning layer that reduces token usage in LLM systems by removing redundant content without breaking dependencies, backed by benchmarks and production testing.
OpenAI bets on families as ChatGPT goes deeper into households - TechCrunch
OpenAI is positioning ChatGPT as a household tool, aiming to integrate the AI assistant deeper into family life and shared usage.
Shaw University School of Divinity to offer EdD degree in ‘A.I. and Moral Agency’ - The College Fix
Shaw University School of Divinity will offer a Doctor of Education degree in AI and Moral Agency, focusing on the intersection of artificial intelligence and ethics.
Elliman’s AI Overhaul Raises Questions About Future of Agents - The Real Deal
Elliman is overhauling its operations with AI agents, raising concerns about the evolving role of human brokers in real estate.
Meta Removes A.I. Feature on Instagram After Days of Backlash - The New York Times
Meta removed an AI feature from Instagram after facing backlash. The feature was introduced recently and sparked controversy among users.
AI Visibility Rankings Aren’t Stable – New Research Shows It’s Mostly Statistical Noise - Search Engine Journal
New research indicates AI visibility rankings are unstable and largely driven by statistical noise rather than meaningful performance differences.