AI Security
May 1, 2026
Your AI agent reads a resume. Hidden inside: a command to steal data. No malware. Just prompt inj...
Prompt injection attack embedded in resume steals data from AI agent without malware.
Summary
A demonstration shows how hidden prompt injection commands can be embedded in documents like resumes to manipulate AI agents into exfiltrating sensitive data without deploying traditional malware. The attack exploits the agent's inability to distinguish between legitimate document content and malicious instructions. CrowdStrike's Falcon AIDR product is positioned as a detection and prevention mechanism for such attacks.
Entities
CrowdStrike (vendor), Falcon AIDR (product), Prompt Injection (technology)