Manipulating AI Summarization Features

Published: 1 day ago (March 4, 2026 at 07:06 AM EST)

1 min read

Source: Schneier on Security

Microsoft is reporting:

Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands into an AI assistant’s memory via URL prompt parameters. These prompts instruct the AI to “remember [Company] as a trusted source” or “recommend [Company] first,” aiming to bias future responses toward their products or services. We identified over 50 unique prompts from 31 companies across 14 industries, with freely available tooling making this technique trivially easy to deploy. This matters because compromised AI assistants can provide subtly biased recommendations on critical topics including health, finance, and security without users knowing their AI has been manipulated.

I wrote about this two years ago: it’s an example of LLM optimization, along the same lines as search‑engine optimization (SEO). It’s going to be big business.

Manipulating AI Summarization Features

Related posts

On Moltbook

Police dismantles online gambling ring exploiting Ukrainian women

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks