Google researchers have discovered a growing number of malicious AI prompt injection attacks on websites, with a 32 percent increase observed between November 2025 and February 2026, though the sophistication remains relatively low. These indirect prompt injection attempts involve planting malicious instructions on websites to trick AI assistants like Gemini and ChatGPT into stealing data or executing harmful commands, but researchers found most current attacks lack advanced techniques. While the threat is still maturing, Google warns that both the scale and complexity of these attacks are expected to increase significantly in the near future.