AIBearisharXiv – CS AI · Apr 67/10
🧠
Poison Once, Exploit Forever: Environment-Injected Memory Poisoning Attacks on Web Agents
Researchers have discovered a new attack called eTAMP that can poison AI web agents' memory through environmental observation alone, achieving cross-session compromise rates up to 32.5%. The vulnerability affects major models including GPT-5-mini and becomes significantly worse when agents are under stress, highlighting critical security risks as AI browsers gain adoption.
🏢 Perplexity🧠 GPT-5🧠 ChatGPT