AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Prompt Injection Via Road Signs

infonewsLLM-Specific

securityresearch

Source: Schneier on SecurityFebruary 11, 2026

Summary

Researchers discovered a new attack called CHAI (Command Hijacking against embodied AI) that tricks AI systems controlling robots and autonomous vehicles by embedding fake instructions in images, such as misleading road signs. The attack exploits Large Visual-Language Models (LVLMs, which are AI systems that understand both images and text together) to make these embodied AI systems (robots that perceive and interact with the physical world) ignore their real commands and follow the attacker's hidden instructions instead. The researchers tested CHAI on drones, self-driving cars, and real robots, showing it works better than previous attack methods.

Classification

Attack Type

Prompt InjectionJailbreak

Attack SophisticationAdvanced

Impact (CIA+S)

integrity

Affected Vendors

Related Issues

critical

CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-

Similar attackNVD/CVE Database

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 85%