UK cyber agency warns LLMs will always be vulnerable to prompt injection - cyberscoop.com

The UK's NCSC warns that Large Language Models (LLMs) possess an inherent architectural flaw, known as prompt injection, where they fail to distinguish between instructions and data within a single prompt. This fundamental vulnerability allows malicious actors to bypass security guardrails, hijack models, and potentially achieve remote code execution by embedding hidden instructions in seemingly benign inputs.