Hijacking Agent Memory: Stealthy Trojan Attacks Through Conversational Interaction

ArXi:2605.29960v1 Announce Type: cross Large language model (LLM) agents increasingly leverage long term memory to persistent and autonomous task execution. However, this capability also In this paper, we propose MemPoison, a novel memory poisoning attack that bypasses selective memory mechanisms in LLM agents, where an attacker can inject triggerable backdoors into the agent's long-term memory through dialogue interactions, thereby misleading its subsequent responses. MemPoison