
AI Recommendation Poisoning: When Optimization Becomes Manipulation
From Microsoft Threat Intelligence Podcast by Microsoft
February 26, 2026 · 26 min · Season 3 · Episode 63
About this episode
This episode discusses AI recommendation poisoning and its implications for security and marketing.
In this episode of the Microsoft Threat Intelligence Podcast, Sherrod DeGrippo speaks with Microsoft security and AI researchers Giorgio Severi and Noam Kochavi about a newly observed trend in AI abuse: recommendation poisoning through memory manipulation. While looking into prompt injection and reprompt-style behaviors, the team uncovered something quieter but potentially more persistent—websites embedding hidden instructions inside Summarize with AI links that attempt to influence what an AI assistant remembers and recommends over time. Rather than focusing on immediate exploitation, this technique aims to shape long-term behavior inside AI systems. Giorgio and Noam explain how it works, why it’s spreading across industries, where legitimate marketing tactics can blur into security risk, and what defenders and users should understand about managing AI memory in an increasingly agent-driven environment. In this episode you’ll learn: How AI memory poisoning differs from traditional prompt injection Why legitimate businesses are using memory manipulation tactics What threat hunters can look for inside enterprise telemetry Some questions we ask: How is memory poisoning different…
People in this episode
Host: Sherrod DeGrippo
Guests: Giorgio Severi, Noam Kochavi
Topics covered
- AI recommendation poisoning
- memory manipulation
- AI abuse
- security risks
- marketing tactics
- long-term behavior
Keywords
- AI memory poisoning
- prompt injection
- recommendation systems
- security risks
- marketing manipulation
Mentioned in this episode
Organizations: Microsoft
More episodes of Microsoft Threat Intelligence Podcast
- Supply Chain Attacks: Open Source or Open Door? · June 3, 2026 · 39 min
- Eviltokens: A Conversation with Huntress on an AI‑Enabled Device Code Phishing Campaign · May 20, 2026 · 42 min
- Russia’s Forest Blizzard Is Abusing Home + Small Office Routers for Cred Theft · May 6, 2026 · 52 min
- The Cybercrime Shift: From Opportunistic Attacks to Marketplace-Driven Ecosystem · April 22, 2026 · 40 min
- Ransomware: From Isolated Attacks to Global Criminal Ecosystem · April 8, 2026 · 48 min
- Winter SHIELD: Closing the Security Control Gap · March 25, 2026 · 37 min
Explore listener stats, chart rankings, contacts and more on the Microsoft Threat Intelligence Podcast podcast page.