New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email
Researchers have demonstrated a novel “MemGhost” attack that injects persistent false memories into AI personal assistants through a single crafted email, causing the AI to save deceptive information without alerting the user. Targeting assistants like OpenClaw that maintain memory files and access user inboxes, the attack stealthily alters the assistant’s knowledge base, influencing future interactions while evading detection by existing filters and user oversight. The study highlights a critical vulnerability where AI memory writes from untrusted inputs remain unregulated, urging the need for provenance tracking, user approval, and audit logging to mitigate such persistent memory poisoning risks.
https://thehackernews.com/2026/07/new-memghost-attack-plants-persistent.html













