Research
MIRAGE: Context-Aware Prompt Injection Attacks Against Mobile GUI Agents via User-Generated Content
MIRAGE demonstrates that mobile GUI agents driven by VLMs cannot reliably separate trusted interface elements from user-generated content rendered as pixels. Attackers can craft visual prompt injections embedded in normal app content that hijack agent actions. As mobile GUI agents ship in consumer products, this attack surface matters now.
Source
↳ Follow the thread