1
2
Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration
揭秘LLM智能体记忆系统的隐藏威胁:攻击者如何植入休眠载荷跨会话窃取用户数据。
arXiv:2605.01970v3 Announce Type: replace-cross Abstract: Memory systems enable otherwise-stateless LLM agents to persist user information across sess…
3
Why prompt filtering fails and what to do instead
提示过滤为何总是失败?因为问错了问题;真正的威胁模型是什么?给出替代思路。
Every prompt injection defense I’ve seen makes the same mistake. It asks the wrong question. The wrong question: “Does this prompt contain dangerous w…