Just like phishing for gullible humans, prompt injecting AIs is here to stay

New injection discovered

It has been reported that researchers — and yes, the usual parade of security pros — have flagged another prompt injection that tricks supposedly locked-down AI assistants into revealing sensitive data. Think phishing, only with machine-readable bait. The trick is simple on paper: hide or embed instructions inside a file you ask the model to ingest, and the model, allegedly, executes them instead of treating them as inert content. Ouch.

Why it matters

Humans have been playing this game forever. Social engineers ask the right question and you hand over the keys. Why should models be any different? The underlying emotional sting is the same: a brittle trust, shattered by a cunning question. Is this fixable? Security folk call it an arms race — a whack-a-mole of rules, filters and heuristics trying to anticipate every sneaky prompt. Many argue it's an unsolvable class of problem, much like phishing, rather than a one-off bug.

Where the conversation is happening

The Register’s podcast The Kettle explored the topic in depth, with host Brandon Vigliarolo joined by cybersecurity editor Jessica Lyons and senior reporter Tom Claburn. They walk through examples, defenses and why complacency will cost you — in data, reputation, or both. You can listen on the usual platforms if you want a deeper dive.

Prompt injection is no longer a niche footnote in AI security. It’s a feature of the landscape. So what do we do? Patch harder, educate more, and accept that we’ve ushered in a new kind of con artistry — one that speaks fluent machine.

Sources: The Register