r/LocalLLaMA: Production Prompt Injection Detection Data Shows 2026 Attacks Are Fundamentally Different From 2023 — Direct Overrides Gone, Multi-Step Hijacking Dominant
Summary
The operator of a production prompt injection detection API reports that attack patterns against deployed LLMs in 2026 look 'almost nothing' like 2023 threats: simplified 'ignore previous instructions' overrides have nearly disappeared, replaced by multi-step goal hijacking, agent-context pollution, delayed-execution payloads, and indirect route injection via documents, memory stores, and search results. Live data from the API is included in the post, illustrating what current attack sequences look like versus what most deployed defenses are calibrated to catch. Disclosure: the author builds and sells Bordair, the detection API providing the data.
Originally reported by reddit.com