Researchers have developed a new cross-modal prompt injection attack called CrossMPI that can manipulate the interpretation of both text and image inputs in large vision-language models (LVLMs) through image-only perturbations. This attack targets the model's hidden state space, which is larger and more influential than the visual embedding space typically used in previous attacks. The method employs a layer selection strategy to focus on critical multimodal integration layers and a distance-decremental budget assignment to constrain image perturbations, outperforming existing approaches in experiments. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT This research highlights a new vulnerability in vision-language models, potentially impacting their secure deployment and requiring new defense mechanisms.
RANK_REASON The cluster contains a new academic paper detailing a novel attack method. [lever_c_demoted from research: ic=1 ai=1.0]