RAG-Pull: Turning Retrieval into a Code-Injection Channel via Invisible Unicode Perturbations
Researchers have developed a novel attack method called RAG-Pull that exploits Retrieval-Augmented Generation (RAG) systems. By inserting invisible Unicode characters into queries or external code, RAG-Pull can redirect retrieval to malicious code snippets. This manipulation can lead to vulnerabilities such as remote code execution and SQL injection, compromising the safety alignment of LLMs.

Impact: This research highlights a new attack vector against LLMs that could compromise data security and model safety.
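The summary above hinges on code points that render as nothing yet change how a query or a code snippet tokenizes and embeds. The following scanner is an added example, not code from the RAG-Pull paper or from any RAG framework: it flags and strips such characters at the two points where a defender controls the text, incoming queries and documents headed for the retrieval index. The code-point classes it checks (Unicode category Cf, the variation-selector blocks, non-whitespace C0/C1 controls) are an assumption drawn from the well-known invisible-character classes, not the paper's own list, and the two snippets at the bottom are constructed samples.

```python
import unicodedata
from dataclasses import dataclass

# Invisible / format code points that survive copy-paste and indexing yet are
# not rendered. Assumed classes (not a list from the RAG-Pull paper): Unicode
# category Cf (zero-width joiners and spaces, bidi controls, BOM, soft hyphen,
# the U+E0000 tag block), plus the variation-selector blocks, which are category
# Mn and therefore need an explicit range check.
VARIATION_SELECTOR_RANGES = ((0xFE00, 0xFE0F), (0xE0100, 0xE01EF))
ALLOWED_CONTROLS = "\t\n\r"


def is_invisible(ch: str) -> bool:
    """True if ch renders as nothing but still alters tokenization/embeddings."""
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in VARIATION_SELECTOR_RANGES):
        return True
    cat = unicodedata.category(ch)
    if cat == "Cf":
        return True
    return cat == "Cc" and ch not in ALLOWED_CONTROLS


@dataclass(frozen=True)
class Finding:
    offset: int     # index into the original string
    codepoint: str  # e.g. "U+200B"
    name: str       # Unicode character name, or UNNAMED


def scan(text: str) -> list[Finding]:
    """Locate every invisible code point in text, in order of appearance."""
    return [
        Finding(i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED"))
        for i, ch in enumerate(text)
        if is_invisible(ch)
    ]


def sanitize(text: str) -> str:
    """Drop invisible code points; visible characters are left untouched so
    legitimate non-ASCII identifiers and comments keep their meaning."""
    return "".join(ch for ch in text if not is_invisible(ch))


def gate(label: str, text: str) -> tuple[bool, list[Finding]]:
    """Admission check for a query or for a document headed for the index.

    Returns (accepted, findings). One invisible code point is enough to reject,
    because source code and ordinary queries have no legitimate use for them;
    callers that must keep the text can store sanitize(text) instead.
    """
    findings = scan(text)
    accepted = not findings
    if not accepted:
        print(f"[{label}] rejected: {len(findings)} invisible code point(s)")
        for f in findings:
            print(f"  offset {f.offset}: {f.codepoint} {f.name}")
    return accepted, findings


# Constructed samples (not from the paper): the same snippet, once clean and
# once with a zero-width space inside an identifier and a right-to-left
# override before a call. Both look identical in most editors.
CLEAN_SNIPPET = "def connect(dsn):\n    return db.connect(dsn)\n"
TAINTED_SNIPPET = "def conn\u200bect(dsn):\n    return \u202edb.connect(dsn)\n"

if __name__ == "__main__":
    for label, snippet in (("clean", CLEAN_SNIPPET), ("tainted", TAINTED_SNIPPET)):
        ok, _ = gate(label, snippet)
        print(f"{label}: {'accepted' if ok else 'rejected'}")
    assert sanitize(TAINTED_SNIPPET) == CLEAN_SNIPPET
```

Run `gate()` on every document at ingestion time and on every query before it reaches the embedding model, and log the findings rather than silently stripping them: a burst of rejected documents from one source is itself a signal worth alerting on. The check deliberately leaves visible characters alone, so it does not catch homoglyph substitutions (confusable but visible characters); those need a separate confusables check, and NFKC normalization is likewise a separate decision.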