Artificial intelligence

Xeris Uncovers New AI Agent Attack: Reasoning Step Hopping (XERIS-005)

Xeris Threat Lab Uncovers New LLM Attack Method: ‘XERIS-005 – Reasoning Step Hopping’

Xeris.ai, a cybersecurity startup specializing in securing Generative AI environments, today announced the release of its latest threat report, XERIS-005: Reasoning Step Hopping Attack.

The attack is executed by the MCP Server silently, with zero visibility to the user. The MCP Server silently instructs the LLM to hop over a reasoning step-completely hidden from the user.

New Xeris report details how MCP Servers can hijack individual reasoning steps in LLM workflows.

“This isn’t prompt injection. It’s a deeper, more dangerous logic-level hijack. By taking over the reasoning flow, an attacker can shape conclusions and decisions invisibly.” – Shlomo Touboul, Co-Founder and Active Chairman of Xeris.

This marks an important discovery by the Xeris Threat Lab, highlighting a novel method in which malicious MCP (Model Context Protocol) Servers manipulate the reasoning process of Large Language Models (LLMs).

Traditionally seen as a neutral bridge between the LLM and enterprise data, the MCP Server is now shown to have the potential for far greater influence. In the XERIS-005 scenario, the MCP Server takes control over the LLM’s step-by-step reasoning process. By forcing the model to externally validate each step and then subtly modifying one selected step, the attacker can alter the final response while keeping the model unaware of the manipulation.

“This isn’t prompt injection. It’s a deeper, more dangerous logic-level hijack,” said Shlomo Touboul, Co-Founder and Active Chairman of Xeris. “By taking over the reasoning flow, an attacker can shape conclusions and decisions invisibly. That’s a new class of risk that enterprises must be ready for.”

Reffael Caspi, Co-Founder and CEO of Xeris, added:
“XERIS-005 shows how fast threat actors are evolving. What used to be a passive data access layer can now actively control and distort reasoning in real time. Our mission at Xeris is to stay one step ahead, protecting the trust layer of GenAI before it’s too late.”

The full technical report, including a detailed breakdown of the attack flow and mitigation strategies, is now available on the Xeris website:
https://www.xeris.ai/threat-reports/reasoning-step-hopping-attack

As part of its ongoing commitment to transparency and proactive defense, Xeris pre-released this report to members of the MCP Security Group-a growing community of AI and cybersecurity professionals who receive early access to Xeris research and engage in deep technical discussion around emerging GenAI threats.

Professionals interested in joining the group and staying ahead of new threat vectors are invited to apply here:
https://www.linkedin.com/groups/10141833/

About Xeris:
Xeris.ai is a pioneer in Generative AI security. Its flagship solution, the MCP-XDR platform, provides extended detection and response for AI agent environments, enabling CISOs to apply enterprise-grade policy, visibility, and control across distributed AI workflows. The Xeris Threat Lab continuously monitors and analyzes real-world risks targeting AI reasoning, data access, and identity integrity.

Media Contact:
info@xeris.ai
www.xeris.ai
Shlomo Touboul
Xeris AI

Visit us on social media:
LinkedIn

Joseph Wilson

Joseph Wilson is a veteran journalist with a keen interest in covering the dynamic worlds of technology, business, and entrepreneurship.

Recent Posts

Young Mayden Legal Search Recognized for Recruiting Excellence

The Recruiter Spotlight on Young Mayden is part of the Legal Recruiter Directory’s new series…

12 hours ago

Indra Energy Customers Fuel Reforestation and Community Empowerment in Senegal

Senegal's Green Future: Indra Energy Customers Fuel Vital Ecosystem Restoration Following the successful launch of…

12 hours ago

Dr. Aiman Hanna Integrates BassiliChat into Computer Science and Engineering Courses

Canada’s BassiliChat AI joins university courses with Dr. Aiman Hanna, letting students compare ChatGPT, Claude,…

13 hours ago

3DRBI Announces 3D Remote Building Inspection Project with Southern First Nations Secretariat (SFNS)

First Nation communities may struggle to find qualified home inspectors, and this challenge is exacerbated…

13 hours ago

PostGrid Named the Fastest Growing Technology Company by The Globe and Mail

Ranked #1 in Technology and #2 Overall Among the Nation’s Fastest Growing Businesses PostGrid, the…

13 hours ago

Pulse Events Presents: S2O Los Angeles

Makes Waves in West Coast Debut: Over 10,000 Fans Attend The World’s Wettest Party at…

13 hours ago

This website uses cookies.