Tag
#indirect-prompt-injection
4 posts tagged indirect-prompt-injection.
- incident: Anatomy of a Real Prompt Injection: The Bing Chat / Sydney Case
  In early 2023, Bing Chat became the first widely publicized case of indirect prompt injection in a deployed commercial LLM. What happened, what the attack surface was, and what it revealed about production injection risk.
- offensive: Indirect Prompt Injection Against a Llama 3 RAG Pipeline: A PoC
  A reproducible PoC of indirect prompt injection against Llama 3.1 8B in a document-QA pipeline. What landed, what didn't, and what the defense gap looks like from the inside.
- primer: A Working Taxonomy of Prompt Injection Attack Types
  Direct, indirect, multi-modal, and agentic prompt injection are distinct attack classes with different trust boundaries, attacker access requirements, and defenses. A practitioner's map.
- primer: Prompt Injection vs. Jailbreaking: Two Conflated Attack Classes
  Prompt injection and jailbreaking both use natural language to subvert LLM behavior, but the attacker, the trust boundary that breaks, and the defenses that work are different. A comparison for security engineers.