{ "Event": { "analysis": "1", "date": "2026-04-22", "extends_uuid": "", "info": "[Threat Intel] Indirect Prompt Injection in the Wild: 10 IPI Payloads Found", "protected": false, "publish_timestamp": "1779545435", "published": true, "threat_level_id": "3", "timestamp": "1777615696", "uuid": "a4eba50a-a1b9-44ad-85c0-72fbb00fd69a", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#59847a", "local": false, "name": "misp-galaxy:producer=\"Forcepoint\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#130049", "local": false, "name": "rectifyq:sub-category=\"campaign-analysis\"", "relationship_type": "" }, { "colour": "#18005c", "local": false, "name": "rectifyq:topic=\"ai\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#55acee", "local": false, "name": "rectifyq:MY-relevancy=\"potentially-relevant\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-atlas-attack-pattern=\"Indirect\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-atlas-attack-pattern=\"LLM Prompt Injection\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"self-curated\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#3d00e9", "local": false, "name": "rectifyq:action-taken=\"telegram\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1776999616", "to_ids": false, "type": "link", "uuid": "6e483766-3faa-412c-a827-ecad3e73189b", "value": "https://www.forcepoint.com/blog/x-labs/indirect-prompt-injection-payloads" }, { "category": "Other", "comment": "Description", "deleted": false, "disable_correlation": false, "timestamp": "1776999616", "to_ids": false, "type": "text", "uuid": "e6128e65-9531-48db-9fc7-08f7014d6065", "value": "X-Labs researchers discovered 10 verified Indirect Prompt Injection (IPI) payloads deployed across live web infrastructure. Unlike direct prompt injection where users send malicious input to AI models, IPI hides adversarial instructions inside ordinary web content. When AI agents crawl or summarize poisoned pages, they ingest and execute these instructions as legitimate commands. The discovered payloads span financial fraud, data destruction, API key exfiltration, and denial-of-service attacks. Attackers employ techniques including CSS invisibility, HTML comments, accessibility attribute abuse, meta namespace spoofing, and system prompt tag impersonation. The shared injection templates across multiple domains suggest organized tooling rather than isolated experimentation. Observed attack intents include unauthorized financial transactions, terminal command execution, content suppression, traffic hijacking, and sensitive information leakage, targeting AI systems that browse web pages, index content for RAG ..." }, { "category": "Other", "comment": "Summary", "deleted": false, "disable_correlation": false, "timestamp": "1776999616", "to_ids": false, "type": "text", "uuid": "470521b5-71ca-445f-8ef9-8f2c95ab9cd6", "value": "Name: Indirect Prompt Injection in the Wild: 10 IPI Payloads Found\nAuthor: AlienVault\nAdversary: \nTags: [\"ai agents\", \"css concealment\", \"llm exploitation\", \"api key theft\", \"indirect prompt injection\", \"prompt injection techniques\", \"web poisoning\", \"financial fraud\"]\nTgtd countries: []\nMlwr families: []\nAttack_ids: []\nIndustries: []" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610887", "to_ids": true, "type": "domain", "uuid": "04aaca20-b8ea-47d7-a7a3-10689161d0e1", "value": "luminousmen.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610908", "to_ids": true, "type": "domain", "uuid": "829b8da1-010c-4f62-a21d-a11240cea8fa", "value": "perceptivepumpkin.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610929", "to_ids": true, "type": "domain", "uuid": "9e17b0b5-e534-48c1-bdae-0ee986065334", "value": "faladobairro.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610951", "to_ids": true, "type": "domain", "uuid": "3dd523b0-3298-4196-8dd7-222e86931b29", "value": "kleintechnik.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610972", "to_ids": true, "type": "domain", "uuid": "08265d22-ce5a-49f4-9980-8007f0727ade", "value": "thelibrary-welcome.uk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777610993", "to_ids": true, "type": "hostname", "uuid": "8cac0350-3582-4f0b-9cee-71a639058b06", "value": "bentasker.co.uk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777611014", "to_ids": true, "type": "domain", "uuid": "660b131b-3b0e-481d-b775-468a00a7a1a7", "value": "kassoon.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777611036", "to_ids": true, "type": "domain", "uuid": "eeb33c2a-2056-43c6-837d-805ff32145f2", "value": "lawsofux.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777611057", "to_ids": true, "type": "domain", "uuid": "4e8064e2-f21c-46fe-ab2c-9bf048969954", "value": "lcpdfr.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777611078", "to_ids": true, "type": "domain", "uuid": "18e5256f-c220-4cb3-b423-52f7701daa07", "value": "archibase.co", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] } ] } }