# Hijacking Agent Memory: Stealthy Trojan Attacks Through Conversational Interaction

**Source:** https://arxiv.org/abs/2605.29960  
**Authors or institution:** Hongtao Wang, Se Yang, Yu Chen, Puzhuo Liu  
**Publication date:** 2026-05-28  
**Publication status:** arXiv preprint  
**Evidence level:** Emerging evidence  
**Date last reviewed in UTC:** 2026-06-26T00:00:00Z

## Direct findings or source content

Selective memory extraction and rewriting can create non-obvious persistence paths.

## Cognivirus interpretation

For Cognivirus.com, this source is used to examine risk at the level of adaptive systems, component compositions, evaluator boundaries, and behavioral persistence. The site interpretation is narrower than the source when the source is experimental, and more explicitly qualified when the source is architectural or programmatic.

## Limits

Very recent preprint; operational systems may use different memory pipelines and mitigations. That persistent memory should never be used.

## Source handling

This local file is an original summary and metadata record. It is not a copy of the source paper, report, or website. Copyrighted source material is not reproduced in full.