
Malicious Websites Hide Prompt Instructions in DOM to Poison AI Agent Decision-Making
Threat actors are turning web content into a new attack surface to target artificial intelligence workflows. Much like human users face phishing attacks, AI agents are increasingly vulnerable to Indirect Prompt Injection (IPI). Attackers embed malicious instructions directly into a website’s Document Object Model (DOM) to manipulate an AI agent’s reasoning. Zscaler ThreatLabz recently uncovered […]
The post Malicious Websites Hide Prompt Instructions in DOM to Poison AI Agent Decision-Making appeared first on Cyber Security News.