The invisible characters create an ideal covert channel that makes it easier for attackers to conceal malicious payloads fed into an LLM, thereby compromising user security.
Joseph Thacker highlighted the astonishing ability of AI models to understand invisible tags, making AI security considerations significantly more complex and critical.
Johann Rehberger demonstrated 'ASCII smuggling' through successful proof-of-concept attacks against Microsoft 365 Copilot, revealing vulnerabilities in AI-powered services.
This quirk in the Unicode standard enables hidden text to be appended to visible text, allowing attackers to extract sensitive data unknowingly from users.
Collection
[
|
...
]