Research finds prompt injection attacks defeat defenses across GPT-5 and Gemini AI agents

According to CSO Online, StakeBench research from Nanyang Technological University found that not a single leading AI web agent powered by GPT-5 and Gemini consistently blocked prompt injection attack scenarios. The study tested multiple implementations and discovered a critical security gap in current AI agent defense mechanisms, exposing agents to attacks that could be injected through user input or compromised data sources.