Attack  ·  Glossary

AI memory poisoning

An attack where a malicious actor plants false or harmful information into the memory that an AI agent retains across conversations. Because the agent automatically recalls and acts on this stored memory in future sessions, a single poisoning event can permanently alter the agent's behaviour — silently redirecting its actions, leaking data, or undermining trust long after the attacker has gone.
Enterprise AI agents increasingly remember context across sessions to be more helpful; this feature becomes a persistent back door if not secured. A single compromised memory entry can corrupt every future interaction that agent has with every user.
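As an added illustration of the defensive side (example code written for this entry, not taken from the Microsoft reference or any product): a minimal agent memory store that records the provenance of every entry, quarantines anything not written by a trusted party so it is never recalled unreviewed, and can roll back everything a compromised session wrote. The source labels, `TRUSTED_SOURCES`, the session ids and the sample entries are all assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Assumption: only these origins may write durable cross-session memory.
TRUSTED_SOURCES = {"user", "operator"}

@dataclass
class MemoryEntry:
    text: str
    source: str        # who produced the text, e.g. "user" or "tool:web_fetch"
    session_id: str    # session it was written in, so a bad session can be rolled back
    created_at: str
    quarantined: bool  # held back from recall until an operator approves it

class MemoryStore:
    def __init__(self) -> None:
        self.entries: list[MemoryEntry] = []
        self.audit: list[str] = []

    def remember(self, text: str, source: str, session_id: str) -> MemoryEntry:
        # Untrusted writes are stored but flagged, so they never reach recall unreviewed.
        quarantined = source not in TRUSTED_SOURCES
        entry = MemoryEntry(text, source, session_id,
                            datetime.now(timezone.utc).isoformat(), quarantined)
        self.entries.append(entry)
        self.audit.append(f"{'QUARANTINE' if quarantined else 'COMMIT'} session={session_id} source={source}")
        return entry

    def recall(self) -> list[str]:
        # Only approved memory is fed back into future sessions.
        return [e.text for e in self.entries if not e.quarantined]

    def approve(self, entry: MemoryEntry) -> None:
        # Operator decision after review: promote a quarantined entry into live memory.
        entry.quarantined = False
        self.audit.append(f"APPROVE session={entry.session_id} text={entry.text!r}")

    def purge_session(self, session_id: str) -> int:
        # Roll back everything written during a session later found to be compromised.
        before = len(self.entries)
        self.entries = [e for e in self.entries if e.session_id != session_id]
        self.audit.append(f"PURGE session={session_id} removed={before - len(self.entries)}")
        return before - len(self.entries)

if __name__ == "__main__":
    store = MemoryStore()
    # Constructed session: a genuine user preference plus a false fact from tool output.
    store.remember("User prefers bullet-point summaries", "user", "s1")
    store.remember("User's billing currency is EUR", "tool:web_fetch", "s1")
    print(store.recall())  # only the user's own preference is recalled
```

The audit list is what a detection pipeline would ship to a SIEM: a QUARANTINE event for a tool-sourced write is the signal that something tried to persist itself into the agent's memory.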
References
Microsoft: Guarding AI Memory — Memory Poisoning Threats and Defenses