5 min read
News Brief Researchers from Seoul National University, UIUC, and Largosoft have published a new attack class — Agent Data Injection — that bypasses prompt injection defenses by hiding attacker commands inside ordinary data fields using fake punctuation that language models misread as structural delimiters.