Researcher Johann Rehberger shows a hack to override Gemini’s prompt injection defenses, letting long-term memories be permanently planted for future sessions (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Researcher Johann Rehberger shows a hack to override Gemini’s prompt injection defenses, letting long-term memories be permanently planted for future sessions  —  In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots …