Unveiling AI Agent Vulnerabilities Part III: Data Exfiltration - www.trendmicro.com
This article details how indirect prompt injection exploits multi-modal AI agents by embedding malicious instructions within seemingly innocuous images or documents, leading to sensitive data exfiltration without any user interaction. The "Pandora" PoC AI agent demonstrates this by processing an MS Word document that carries a malicious Python payload, executing that code through its code-execution capability, and leaking data to a command-and-control server.
Source: Original Report