
CrowdStrike identifies five new prompt injection threats to AI
Security company CrowdStrike has identified five new prompt injection techniques that could leave enterprises at risk. Prompt injections attacks exploit the growing use of AI within organizations . They work by tricking LLMs into accepting instructions that a human operator would recognize as dubious.
The five new types of attack that CrowdStrike has added to its prompt injection taxonomy are:
Trigger-Activated Rule Addition in which an attacker adds a new rule that looks innocuous at first, but can be triggered later to cause strange behavior within the model.
Cognitive Token Suppression,a way to circumvent built-in safety measures by shifting the model’s linguistic choices away from establ...