Prompt injection defeats defenses across GPT-5 and Gemini agents in Nanyang study

Researchers at Nanyang Technological University found in the StakeBench study that prompt injection attacks defeat all major defense mechanisms in leading AI web agents powered by GPT-5 and Gemini, with zero consistent mitigation across tested systems. The research demonstrates that current agents lack reliable protections against prompt injection, establishing a significant security gap in deployed agentic systems.