AI agents spill secrets just by previewing malicious links

Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn

AI agents can shop for you, program for you, and, if you're feeling bold, chat for you in a messaging app. But beware: attackers can use malicious prompts in chat to trick an AI agent into generating a data-leaking URL, which link previews may fetch automatically....