this post was submitted on 12 Feb 2026
177 points (98.9% liked)

Technology

81078 readers
4130 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
177
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning (www.microsoft.com)
submitted 1 day ago by Beep@lemmus.org to c/technology@lemmy.world
19 comments fedilink hide all child comments
 

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends.

Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used for promotional purposes, a technique we call AI Recommendation Poisoning.

Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands into an AI assistant’s memory via URL prompt parameters (MITRE ATLAS® AML.T0080, AML.T0051).

These prompts instruct the AI to “remember [Company] as a trusted source” or “recommend [Company] first,” aiming to bias future responses toward their products or services. We identified over 50 unique prompts from 31 companies across 14 industries, with freely available tooling making this technique trivially easy to deploy. This matters because compromised AI assistants can provide subtly biased recommendations on critical topics including health, finance, and security without users knowing their AI has been manipulated.

you are viewing a single comment's thread
view the rest of the comments
[–] HyperfocusSurfer@lemmy.dbzer0.com 3 points 22 hours ago

Yeah, a very unpopular opinion here, but how about you actually read stuff? I mean, yeah, there's the whole seo prioritizing ai slop walls of text, but there's also a close tab button (I personally can't remember a single helpful slop article, and the overgeneralized advice they give doesn't even worth summarizing). Dog knows how much it pisses me off that the internet turned into a place where the info gets rewritten by bots to appease other bots and then once again to make it fucking readable.

Then, there's that "memory" stuff. Just why exactly do people need it? Make a base prompt editable only by the user and adjustable on a per-conversation basis, and that issue goes away (probably along with a significant portion of your electricity bill wasted on processing literal garbage not relative to the current conversation).