Adversaries are actively exploiting web-based Indirect Prompt Injection (IDPI) to manipulate Large Language Models (LLMs) and AI agents. By embedding hidden or obfuscated instructions within benign web content, attackers can coerce AI systems into performing unauthorized actions such as data destruction, SEO poisoning, and bypassing content moderation when the AI processes the webpage.