MemGhost attack injects persistent false memories into AI agents

MemGhost attack injects persistent false memories into AI agents
Researchers describe MemGhost as a prompt-injection technique delivered through a single email that causes AI agents to store false information in long-term memory and reuse it in later tasks. The reported issue affects memory-enabled agents where untrusted content can be written into retained context. Details are outlined in MemGhost.
The key operational concern is persistence: the malicious input is not limited to one session, but can shape future agent decisions after the initial interaction. This shifts risk from transient prompt abuse to durable data-integrity compromise inside agent memory layers.
️ Open sources - closed narratives
Source: Telegram "sitreports"