{"slug": "zscaler-finds-prompt-injection-campaigns-targeting-ai-agents", "title": "Zscaler Finds Prompt Injection Campaigns Targeting AI Agents", "summary": "Zscaler discovered malicious websites using indirect prompt injection to manipulate autonomous AI agents, including campaigns tied to crypto-payments and fake DeFi decisions. The attacks exploit agents that browse the open web, requiring browser isolation, source-trust checks, and human approval for irreversible actions.", "body_md": "Zscaler says malicious websites are using **indirect prompt injection** to influence autonomous AI agents, including campaigns tied to crypto-payment and fake DeFi decisions. SecurityWeek and SC Media reported July 6-7, 2026, that Zscaler found hidden prompts, SEO manipulation, and fake trust signals designed to steer agents that browse the open web. The practical issue is authority: an agent that can read untrusted pages and also make payments, install packages, or call business tools needs browser isolation, source-trust checks, and **human approval** for irreversible actions. This is a web-content risk, not only a prompt-engineering bug.", "url": "https://wpnews.pro/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents", "canonical_source": "https://letsdatascience.com/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents-b88d1490", "published_at": "2026-07-08 09:59:09+00:00", "updated_at": "2026-07-08 11:05:48.529355+00:00", "lang": "en", "topics": ["ai-safety", "ai-agents", "large-language-models", "ai-policy"], "entities": ["Zscaler", "SecurityWeek", "SC Media"], "alternates": {"html": "https://wpnews.pro/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents", "markdown": "https://wpnews.pro/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents.md", "text": "https://wpnews.pro/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents.txt", "jsonld": "https://wpnews.pro/news/zscaler-finds-prompt-injection-campaigns-targeting-ai-agents.jsonld"}}