Model distillation raids, slopsquatting supply chain exploits, and indirect prompt injection are the three attack vectors carving through the 2026 AI stack right now.
Holy hell Chris, this was sobering reading. Also confirms what you have been telling us for months re agentic attacks. I am really not sure why indirect prompt injection attacks are not being better addressed though, as surely these have been known about pretty widely since at least mid 2025? Just shows how potentially screwed everyone's stacks are. 😢
yeah no kidding! i think it’s their indirect nature. people don’t see the threat, so it’s not as real.
also with indirect prompt injection, most people who are getting hit won’t even know it. unless they have built detection and alerts, chances are they’ve been pwnd and will never know!
This was discussed in the open office hours class today at MIT, I’m shocked there are no managed guardrails for it.