
This new attack can trick AI models to spread misinformation

Hello AI lovers! Here’s what you need to know about AI today:

👉 MINJA attack can trick AI models to spread misinformation

👉 Google DeepMind released an advanced AI model for the physical world

👉 Sesame open-sourced a premium speech synthesis model

and many more!

📧 Did someone forward you this email? Subscribe here for free to get the latest AI news everyday!

Read time: 5 minutes

MINJA

This new injection attack poisons AI models for other users

Source: The Register

What’s going on: Researchers have discovered a new threat to AI systems called the MINJA attack, short for Memory INJection Attack, which exploits the memory banks of large language model agents to manipulate their behavior. This technique demonstrates how malicious users can poison an AI’s memory simply by interacting with it as a regular user would. Unlike previous assumptions that such attacks required control over the AI’s backend, MINJA reveals a practical vulnerability where any user of a shared chatbot can influence its responses for others, raising serious concerns about the security of AI agents that rely on stored interactions for learning and decision-making.

What does it mean: Making AI safe is getting trickier with every day that passes. Many believed that once a model is trained and released, you can’t hijack it and force it to respond in a certain way, not only in a conversation with you but with “others” as well. Unfortunately, we have now discovered that these chatbots are much more vulnerable than we thought.

More details: 

  • MINJA attack targets AI models like GPT-4 and GPT-4o, tested across three agents: RAP, a web shop assistant enhanced with retrieval-augmented generation; EHRAgent, a healthcare query tool; and a custom QA Agent using chain-of-thought reasoning.

  • MINJA works by feeding the AI deceptive prompts that subtly embed false information into its memory. For instance, in the EHRAgent case, a prompt tricked the system into linking one patient’s data to another, potentially leading to harmful misinformation in medical contexts.

  • Interested? Learn about all of the tricks used by the developers of MINJA to expose the vulnerabilities of modern AI models by reading this detailed report.
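To make the shared-memory problem concrete, here is a small added illustration (not MINJA's code, and not the code of any of the agents named above) of an agent memory bank: in the unscoped version a record written during one user's session is retrieved for a different user, while scoping retrieval to the requester's own records plus operator-curated ones keeps it out. The record texts, the user names and the `CURATED` tag are constructed for the example.

```python
from dataclasses import dataclass, field

CURATED = "curated"  # records loaded by the operator and meant to be shared


@dataclass
class MemoryRecord:
    text: str
    author: str  # user/session that wrote the record, or CURATED


@dataclass
class MemoryBank:
    records: list[MemoryRecord] = field(default_factory=list)

    def write(self, text: str, author: str) -> None:
        # every write keeps its provenance so retrieval can filter on it
        self.records.append(MemoryRecord(text, author))

    def retrieve(self, query: str, requester: str, scoped: bool) -> list[str]:
        # crude keyword match standing in for embedding-based retrieval
        hits = [r for r in self.records if query.lower() in r.text.lower()]
        if scoped:
            # only the requester's own memories and curated records are eligible;
            # what other users' sessions wrote never reaches this user's prompt
            hits = [r for r in hits if r.author in (requester, CURATED)]
        return [r.text for r in hits]


def demo(scoped: bool) -> list[str]:
    """Constructed scenario: user_b's session leaves a false cross-patient link
    in memory, then user_a asks about the same patient."""
    bank = MemoryBank()
    bank.write("Patient 1001: allergy to penicillin on file.", CURATED)
    bank.write("Patient 1001 records are the same as patient 2002.", "user_b")
    return bank.retrieve("patient 1001", "user_a", scoped)


if __name__ == "__main__":
    print("shared memory :", demo(scoped=False))  # the false record comes back
    print("scoped memory :", demo(scoped=True))   # only the curated record
```

Per-user scoping contains the cross-user effect but does not stop a user from poisoning their own session's memory, so writes from untrusted sessions still deserve logging and review.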

DEEPMIND

DeepMind's VLA is here

Source: DeepMind

What’s going on: Google DeepMind has unveiled two new AI models, Gemini Robotics and Gemini Robotics-ER, both built on the foundation of Gemini 2.0, designed to revolutionize how robots interact with the physical world. These models aim to bridge the gap between digital AI capabilities and real-world applications by enabling robots to perform a broader range of tasks with greater adaptability and precision.

What does it mean: Gemini Robotics is a vision-language-action (VLA) model that integrates physical actions as a new output modality, allowing robots to directly respond to natural language commands and manipulate their environments. Meanwhile, Gemini Robotics-ER enhances spatial understanding, offering developers a tool to build custom programs leveraging its embodied reasoning abilities.

More details: 

  • While building these models, DeepMind has focused on three critical qualities for practical robotics: generality, interactivity, and dexterity. Gemini Robotics uses Gemini 2.0’s robust world understanding to adapt to new situations, objects, and instructions without prior training.

  • Gemini Robotics can process conversational commands in multiple languages and adjust to environmental changes in real time, such as replanning actions if an object moves or instructions shift.

  • On the dexterity front, the model excels at complex, multi-step tasks requiring fine motor skills, like folding origami or packing a snack into a Ziploc bag, tasks that have historically challenged robotic systems.

  • Want to get into the details and watch some cool demos? Visit this page.

💰 SoftBank is investing $676 million to transform a former Sharp LCD plant in Osaka into an AI data center, furthering its collaboration with OpenAI to deploy advanced AI solutions in Japan.

🎙 Sesame has released its 1-billion-parameter CSM-1B model under an Apache 2.0 license, powering its impressively realistic virtual assistant Maya. It can be used to generate contextually aware, emotionally intelligent speech, and also for voice cloning and watermarking. Check out the model on Hugging Face.

⚖ OpenAI, in a policy proposal to the Trump Administration, alleges that Chinese AI lab DeepSeek is “state-controlled” and recommends a ban on its models and similar Chinese models due to security and IP theft risks.

🎮 Xbox has released "Copilot for Gaming," an AI-powered gaming companion accessible via the Xbox mobile app, designed to enhance gameplay by providing real-time tips, suggesting characters, offering strategic advice, reminding players of past sessions, installing games, and recommending new titles, while also adapting to the player's style and even trash-talking them if desired.

🖼 Bria, a startup developing AI image generators trained exclusively on licensed content, has raised $40 million to expand its platform to support additional media types and create an "IP ecosystem" for businesses to access licensed images for commercial use.

AI + Preparing for a presentation

Generate a comprehensive outline for a 20-minute presentation on <specific topic>, including key points, real-world examples, and potential challenges. Make the whole thing exciting, and consider adding some funny facts/statements throughout the presentation to make it less boring.

Gemini 2.0 Flash’s answer

Perplexity - AI Systems Engineer

Thank you for staying with us like always! If you are not subscribed, subscribe here for free to get more of these emails in your inbox! Cheers!