Close Menu
  • Latest News
    • Market
    • Altcoins
    • Legal and Regulatory
  • Tech
    • Blockchain
    • Security and Privacy
  • Web 3
    • Web3 News
    • NFTs
    • Gaming
  • Learn
    • Education
    • Investments
    • Staking
    • Wallets and Exchanges
  • ICOs
  • Mining
  • Crypto Tools
    • Exchange Tool
  • Shop
What's Hot

Trump Bitcoin Conference Keynote Puts Crypto Policy Back In The Political Spotlight

July 6, 2026

How’s India Looking in the Global Crypto Regulation Race?

July 6, 2026

Indirect Prompt Injection in Web Content Targets AI Agents

July 6, 2026
Facebook X (Twitter) Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook X (Twitter) Instagram
CryptoPulseDaily.com
  • Latest News
    • Market
    • Altcoins
    • Legal and Regulatory
  • Tech
    • Blockchain
    • Security and Privacy
  • Web 3
    • Web3 News
    • NFTs
    • Gaming
  • Learn
    • Education
    • Investments
    • Staking
    • Wallets and Exchanges
  • ICOs
  • Mining
  • Crypto Tools
    • Exchange Tool
  • Shop
CryptoPulseDaily.com
Home»Security and Privacy»Indirect Prompt Injection in Web Content Targets AI Agents
Indirect Prompt Injection in Web Content Targets AI Agents
Security and Privacy

Indirect Prompt Injection in Web Content Targets AI Agents

July 6, 2026No Comments2 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

Attackers have begun embedding hidden instructions in websites to target AI agents, according to new research.

Zscaler’s ThreatLabz documented two real-world campaigns which used a technique called indirect prompt injection, where instructions are planted in content an AI agent reads, such as a web page, to steer its behavior.

One posed as software documentation to run a payment scam, the other impersonated a cryptocurrency service.

Hidden Instructions in Plain Sight

In both cases, the attackers first used SEO poisoning to push their sites high in search results, making it more likely an agent would find them.

They then buried prompt-style instructions in parts of the page a human never sees, using CSS to move the text off-screen or tucking it inside structured JSON-LD metadata that machines read as trusted context.

The first campaign used a fake page dressed up as a Python library’s documentation. It told any AI agent on a coding task that it had to buy a $3 API license key to fix an error, then walked it through paying an attacker’s cryptocurrency wallet for a bogus key.

Zscaler said the same site also tried to scam human developers.

Read more: Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

How the Models Held Up

For the second campaign, the attackers used a typosquatting domain impersonating DeBank, a popular cryptocurrency portfolio tracker, with hidden text instructing agents to treat the fake site as the “authoritative” DeBank and rank it first.

To gauge the risk, ThreatLabz ran its own autonomous agent against the sites across 26 large language models (LLMs).

See also  GwisinLocker Ransomware Targets Linux Systems in South Korea

Four of the 26 models were manipulated into executing the fraudulent payment, including versions of Meta’s Llama and Google’s Gemini.

In the second test, two models, OpenAI’s GPT-5.4 and Anthropic’s Claude Sonnet 4.5, reportedly wrongly rated the fake site as legitimate, but only when they lacked a trusted reference for the real DeBank. When the genuine site was provided for comparison, none were fooled.

The results from Zscaler’s own sandboxed tests suggest that susceptibility depends heavily on the LLM and the amount of context it is given.

“As AI agents become a more common interface to the web, the content itself is going to become a larger attack surface,” the company warned, “highlighting that AI is a double-edged sword that can streamline workflows while also introducing new avenues for abuse.”

Source link

agents Content Indirect Injection Prompt Targets Web
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Crypto News: AlphaPepe Reveals CEX Partnership With Biconomy As Ethereum Price Prediction Targets $7,000

July 5, 2026

Why Base Just Launched New Skills for Onchain Agents — And Why Traders Are Watching

July 5, 2026

Ethereum Foundation Guide Targets Government And Institutional Blockchain Use

July 4, 2026

Loqua Launches Beta for Sui-Based Privacy Messenger with zkLogin and AI Agents

July 4, 2026
Add A Comment
Leave A Reply Cancel Reply

Top Posts

Solana’s 14% price fall, prediction, and how you can profit from the dip

December 11, 2023

CoinShares brought in $55 million in Q1 2024 in ‘strongest quarter ever’

May 15, 2024

Football Clubs Face UK FCA’s Crackdown for Promoting Unauthorized Crypto Firms

June 4, 2026

Subscribe to Updates

Get the latest creative news From Crypto Daily Pulse directly in your Inbox!

Our mission is to develop a community of people who try to make financially sound decisions. The website strives to educate individuals in making wise choices about Crypto, ICOs, Web3, Blockchain and more.

We're social. Connect with us:

Facebook X (Twitter) Instagram Pinterest YouTube
Top Insights

Trump Bitcoin Conference Keynote Puts Crypto Policy Back In The Political Spotlight

July 6, 2026

How’s India Looking in the Global Crypto Regulation Race?

July 6, 2026

Indirect Prompt Injection in Web Content Targets AI Agents

July 6, 2026
Get Informed

Subscribe to Updates

Get the latest creative news From Crypto Daily Pulse directly in your Inbox!

  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2026 Crypto Pulse Daily - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.

Cleantalk Pixel
  • bitcoinBitcoin(BTC)$63,684.001.53%
  • ethereumEthereum(ETH)$1,792.510.73%
  • tetherTether(USDT)$1.000.04%
  • binancecoinBNB(BNB)$584.87-0.67%
  • usd-coinUSDC(USDC)$1.000.01%
  • rippleXRP(XRP)$1.151.19%
  • solanaSolana(SOL)$81.991.31%
  • tronTRON(TRX)$0.3283830.14%
  • Figure HelocFigure Heloc(FIGR_HELOC)$1.03-0.75%
  • HyperliquidHyperliquid(HYPE)$71.552.62%