EvidenceEmerging evidencev1.10.0
Hijacking Agent Memory: Stealthy Trojan Attacks Through Conversational Interaction
Evidence card
- Claim
- Selective memory extraction and rewriting can create non-obvious persistence paths.
- Evidence level
- Emerging evidence
- Source
- https://arxiv.org/abs/2605.29960
- Publication date
- 2026-05-28
- Authors or institution
- Hongtao Wang, Se Yang, Yu Chen, Puzhuo Liu
- System tested
- Long-term memory pipelines in LLM agents under reported conversational poisoning settings.
- Limitations
- Very recent preprint; operational systems may use different memory pipelines and mitigations.
- What the evidence does show
- Selective memory extraction and rewriting can create non-obvious persistence paths.
- What the evidence does not show
- That persistent memory should never be used.
- Date last reviewed in UTC
- 2026-06-26T00:00:00Z
Site use
This source supports Cognivirus.com pages related to memory poisoning, selective memory, conversational attack surface. Its role is bounded by the limitations listed above.