Misleading text in the physical world can hijack AI-enabled robots

Staff Editor 2026-01-22
Misleading text in the physical world can hijack AI-enabled robots

Misleading text in the physical world can hijack AI-enabled robots

https://www.universityofcalifornia.edu/news/misleading-text-physical-world-can-hijack-ai-enabled-robots

Publish Date: 2026-01-22 15:31:00

Source Domain: www.universityofcalifornia.edu

Certainly, here are the key points in an unordered list based on the article:

  • Environmental Indirect Prompt Injection Attacks: This involves using misleading text to manipulate AI in embodied systems, potentially hijacking their decision-making.
  • Research by UC Santa Cruz: Professors Alvaro Cardenas and Cihang Xie led research on these new security threats against AI-driven autonomous systems.
  • CHAI (Command Hijacking Against Embodied AI): Developed by the research team, CHAI uses generative AI to optimize text and visual appearance to manipulate large visual-language models used in autonomous robotics.
  • Testing and Success Rates: Experiments on drones and autonomous cars showed high success rates in hijacking scenarios, with up to 95.5% for drone scenarios and 81.8% for driverless cars.
  • Real-World Application: The researchers successfully tested their attacks on a small embodied AI robotic car prototype within the UC Santa Cruz engineering building.
  • Multilingual Attacks: CHAI can be deployed in English, Chinese, Spanish, and Spanglish to manipulate the AI systems.
  • Future Directions: The research team plans to explore defenses, including authentication of text-based instructions and ensuring safety alignment with the robot’s mission.

More Stories

Billions spent and hypothetical returns: the AI boom explained with six charts | AI (artificial intelligence)

Billions spent and hypothetical returns: the AI boom explained with six charts | AI (artificial intelligence)

Staff Editor 2026-06-07
Artificial Intelligence Is Here To Stay. Are Hawaiʻi Schools Ready? – The 74

Artificial Intelligence Is Here To Stay. Are Hawaiʻi Schools Ready? – The 74

Staff Editor 2026-06-07
AI and grief: why technology can’t replace people

AI and grief: why technology can’t replace people

Staff Editor 2026-06-07

You may have missed

Billions spent and hypothetical returns: the AI boom explained with six charts | AI (artificial intelligence)

Billions spent and hypothetical returns: the AI boom explained with six charts | AI (artificial intelligence)

Staff Editor 2026-06-07
Artificial Intelligence Is Here To Stay. Are Hawaiʻi Schools Ready? – The 74

Artificial Intelligence Is Here To Stay. Are Hawaiʻi Schools Ready? – The 74

Staff Editor 2026-06-07
AI and grief: why technology can’t replace people

AI and grief: why technology can’t replace people

Staff Editor 2026-06-07
AI, social media give children a dangerous digital mirror

AI, social media give children a dangerous digital mirror

Staff Editor 2026-06-07
‘A driver of political violence’: how the breakneck AI boom is fueling anti-tech extremism | AI (artificial intelligence)

‘A driver of political violence’: how the breakneck AI boom is fueling anti-tech extremism | AI (artificial intelligence)

Staff Editor 2026-06-07

Terms and Conditions - Privacy Policy