点击上方“Deephub Imba”,关注公众号,好文章不错过 !MCP（Model Context Protocol）当初被设计成 AI agent 的通用集成层，但它的架构有一个根本缺陷：你接入的每一个 MCP 服务器，都会把它的工具描述原样放进 agent 的上下文窗口，每加一个就扩大一次攻击的可能性。这就是Context Poisoning —— ...

Security leaders must adapt large language model controls such as input validation, output filtering and least-privilege access for artificial intelligence systems to prevent prompt injection attacks.

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

Prompt injection, prompt extraction, new phishing schemes, and poisoned models are the most likely risks organizations face when using large language models. As CISO for the Vancouver Clinic, Michael ...

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...

Large language models (LLMs) are the driving force behind the burgeoning generative AI movement, capable of interpreting and creating human-language texts from simple prompts — this could be anything ...

Bing added a new guideline to its Bing Webmaster Guidelines named Prompt Injection. A prompt injection is a type of cyberattack against large language models (LLMs). Hackers disguise malicious inputs ...

The UK’s National Cyber Security Centre (NCSC) has been discussing the damage that could one day be caused by the large language models (LLMs) behind such tools as ChatGPT, being used to conduct what ...

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...