Public story · 2026-03-22 · source-backed
Image-Based Prompt Injection Hijacks Multimodal LLMs at 64% Success Rate
Story
Black-box attack embedding adversarial instructions into natural images overrides multimodal LLM behavior without model access. A new attack surface distinct from text-based prompt injection, relevant to any pipeline processing user-supplied images. Source
Related stories
Each link below shares sources, entities, or timing with this story.
Shared entity: LLM / Same source domain / Shared topic / What happened next
PromptArmor drops prompt-injection attack success below 1% with a bolt-on guardrail LLM.
Both cover LLM; reported by the same outlet (arxiv.org); overlapping topics (attack, model).
Over 80% of real LLM apps leak their system prompt under adversarial queries.
Both cover LLM; reported by the same outlet (arxiv.org); overlapping topics (adversarial, prompt).
Tool-calling agents are weak at inferring world models from interaction.
Both cover LLM; reported by the same outlet (arxiv.org); overlapping topics (behavior, model).
AI Coding Agents Don't Write Clean Patches. They Can't.
Both cover LLM; reported by the same outlet (arxiv.org); overlapping topics (model, prompt).
Shared entity: Image / Shared topic / What happened next
Image-Based Prompt Injection Goes Physical.
Both cover Image; overlapping topics (adversarial, attack, behavior, injection); picks up the Image thread on 2026-03-23.
Shared entity: LLM / Same source domain / Shared topic / Earlier coverage
Technical Deep Dives
Both cover LLM; reported by the same outlet (arxiv.org); overlapping topics (access, prompt).
Shared entity: LLM / Same source domain / What happened next / Tension
LLM-generated GPU kernels pass weak benchmarks and ship real bugs.
Both cover LLM; reported by the same outlet (arxiv.org); picks up the LLM thread on 2026-06-20.
Shared entity: LLM / Same source domain / What happened next / Downstream implication
Evaluator bias is contagious in multi-agent systems.
Both cover LLM; reported by the same outlet (arxiv.org); picks up the LLM thread on 2026-06-19.
Source trail
Entities
Provenance
- Canonical issue
- Ramsay Research Agent — 2026-03-22
- AI generated
- no
- Story unit
- 2026-03-22-image-based-prompt-injection-hijacks-multimodal-llms-at-64-success-rate
- Labels
- source-backed, canonical briefing excerpt