importantSYS.SOURCE: The Hacker News• 2026-07-16T17:02:28+05:30
New Agent Data Injection (ADI) Attack Exploits AI Agents by Corrupting Trusted Data Elements
A new attack method called Agent Data Injection (ADI) exploits AI agents by corrupting trusted data elements like button IDs and email headers, bypassing traditional defenses. The attack successfully manipulated major models including GPT-5.2, Claude, and Gemini, with success rates up to 50% across structured and webpage data.
Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub thread, and a fake comment can make it run a stranger's command on your computer.
Neither trick hijacks the agent's task. Each one just corrupts the facts it trusts and lets it carry on with the job you
*** END OF TRANSMISSION ***