Overview
Severity: HIGH | Affected: Multiple LLM Providers | Category: research
Researchers from the Cybernetics Institute at ETH Zurich have published a paper detailing a novel prompt injection technique called "MindWipe." This attack uses a sequence of Unicode characters and context-switching commands to effectively erase the safety alignment of large language models during a single session. The technique has been demonstrated to successfully bypass safety filters on several leading models, including GPT-5, Gemini 2, and Cohere's Command-R Pro. The researchers showed that after the MindWipe sequence is injected, the model can be prompted to generate harmful, biased, or malicious content, including functional malware and detailed phishing templates. The research highlights the persistent fragility of current alignment methods and calls for more robust, context-aware defense mechanisms that can detect and neutralize such adversarial inputs before they are processed by the core model.