I put together predictions for how the OWASP LLM Top 10 will evolve in 2026 based on current attack research and where the industry is heading.
Key predictions:
- Agent Hijacking enters at #3 — as agentic AI gets real-world permissions (file access, API calls, code execution), hijacking autonomous agents becomes a critical vector. We've already seen the first AI-orchestrated espionage campaign in 2024.
- Multi-Modal Injection debuts at #6 — prompt injection via images, audio, and documents. Text-based defenses don't catch hidden instructions in pixels or audio frequencies.
- Memory Persistence Attacks at #10 — exploiting ChatGPT-style memory features to plant instructions that survive across sessions.
Curious what the HN security community thinks — what am I missing? What threats do you expect to see rise?
adam_ftt•33m ago
Key predictions:
- Agent Hijacking enters at #3 — as agentic AI gets real-world permissions (file access, API calls, code execution), hijacking autonomous agents becomes a critical vector. We've already seen the first AI-orchestrated espionage campaign in 2024.
- Multi-Modal Injection debuts at #6 — prompt injection via images, audio, and documents. Text-based defenses don't catch hidden instructions in pixels or audio frequencies.
- Memory Persistence Attacks at #10 — exploiting ChatGPT-style memory features to plant instructions that survive across sessions.
Curious what the HN security community thinks — what am I missing? What threats do you expect to see rise?