AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Sneaky Bits: Advanced Data Smuggling Techniques (ASCII Smuggler Updates)

infonewsLLM-Specific

securityresearch

Source: Embrace The RedMarch 12, 2025

Summary

Researchers have discovered advanced data smuggling techniques using invisible Unicode characters (invisible text that computers can process but humans cannot see) to hide information in LLM inputs and outputs. The technique, called Sneaky Bits, can encode any character or sequence of bytes using only two invisible characters, building on earlier methods that used Unicode Tags and Variant Selectors to inject hidden instructions into AI systems.

Classification

Attack Type

Prompt Injection

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedInference

Affected Vendors

Related Issues

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

Similar attackEmbrace The Red

medium

CVE-2024-45989: Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Act

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 85%