The Tasalli
Select Language
search
BREAKING NEWS
New AI Botnet Attack Uses Prompt Injection on 9 Tools
AI Jul 09, 2026 · min read

New AI Botnet Attack Uses Prompt Injection on 9 Tools

Editorial Staff

The Tasalli

728 x 90 Header Slot

Summary

Security researchers have found a new way hackers can use popular AI tools to build large botnets. By using a technique called prompt injection, attackers can trick AI models into following hidden commands. This method can turn nine of the most widely used AI systems into tools for launching mass cyberattacks. The discovery raises serious concerns about the safety of AI tools used by millions of people every day.

Main Impact

This new attack method changes how hackers can use AI for harm. Instead of targeting one person at a time, they can now spread malicious commands across the internet. The nine AI tools affected include some of the biggest names in the industry. This means that many users could be at risk without even knowing it. The attacks can happen when AI processes emails, code, or other content that contains hidden instructions.

Key Details

What Happened

Researchers showed that hackers can inject hidden commands into content that AI tools read. The AI cannot tell the difference between a real user request and a fake one hidden in text. This allows attackers to make the AI do things like send spam, steal data, or spread malware. The attack works on nine popular AI tools, though the researchers did not name all of them publicly.

Important Numbers and Facts

The attack method is called prompt injection. It has been a known problem for a while, but this is the first time it has been used to build botnets at a large scale. Botnets are networks of infected computers that hackers control remotely. The researchers say that the attack can spread quickly because it does not need to target each victim individually. Instead, it can hit many users at once through shared content like emails or web pages.

Background and Context

Prompt injection is a security flaw in large language models, which are the technology behind tools like ChatGPT and similar AI assistants. These models are trained to follow instructions, but they cannot tell if an instruction comes from a trusted user or from hidden text in an email or website. This makes them easy to trick. Until now, most attacks using this method were limited because they had to be sent to each person separately. This new approach changes that by allowing the attack to spread automatically.

Public or Industry Reaction

Security experts have warned about prompt injection for years. Many have called on AI companies to fix the root cause of the problem. So far, the companies have added safety measures to reduce the risk, but these are not perfect. The researchers who found this new attack say that the industry needs to do more. They believe that without a real fix, these kinds of attacks will become more common and more dangerous.

What This Means Going Forward

This discovery shows that AI tools are still vulnerable to simple tricks. Users should be careful about what content they let AI tools process. Companies that make AI tools need to find a way to tell the difference between trusted commands and hidden ones. Until then, the risk of large-scale attacks will remain. Hackers are likely to keep finding new ways to use AI for harm, so users and companies must stay alert.

Final Take

Prompt injection is not a new problem, but this new use of it is a big step forward for hackers. It shows that AI tools, while powerful, have serious security gaps. The industry must act quickly to close these gaps before attackers cause even more damage. For now, users should think twice before letting AI read emails or other content from unknown sources.

Frequently Asked Questions

What is prompt injection?

Prompt injection is a way to trick an AI into following hidden commands. The AI cannot tell if a command comes from a user or from text it is reading, like an email or a website.

Which AI tools are affected?

The researchers say nine popular AI tools are affected, but they did not name all of them. The tools include some of the most widely used AI assistants and language models.

How can I protect myself from this attack?

Be careful about what content you let AI tools read. Avoid using AI to process emails or files from unknown sources. Keep your software updated and follow security news for new warnings.