Research finds prompt injection attacks defeat all tested AI agent defenses across GPT-5 and Gemini

According to CSO Online reporting on StakeBench research from Nanyang Technological University, not a single leading AI web agent powered by GPT-5 or Gemini consistently blocked prompt injection attack scenarios. The study exposed a critical security gap in production AI agent implementations where attackers can inject malicious prompts to override intended agent behavior.