Overview
Severity: HIGH | Affected: Major AI Labs (OpenAI, Google, Anthropic) | Category: research
Researchers from Carnegie Mellon University have published a groundbreaking paper detailing 'StealthPrompt,' a novel jailbreak technique effective against leading large language models, including GPT-5 and Gemini Pro 2. The attack embeds malicious instructions within benign-looking prompts using Unicode character-level steganography. By encoding harmful commands in zero-width characters or visually similar homoglyphs, the technique successfully bypasses content moderation filters that analyze plain text semantics. The researchers demonstrated the ability to generate harmful content, extract sensitive system information, and trigger denial-of-service conditions. Major AI labs have acknowledged the findings and are working on patches, but the research highlights a significant new attack surface in LLM input processing. The technique requires no special access and can be delivered through any text-based interface, posing a serious threat to AI application security.