What happened
Researchers discovered that graph neural networks—AI systems trained on relationship data like social networks or molecular structures—can be fooled by injecting fake nodes into the graph at inference time, without needing to modify the original structure or learn anything about the model's internals. This matters because these networks are increasingly used in real systems like recommendation engines and drug discovery, and this attack works instantly with zero computational overhead, suggesting deployed versions may be vulnerable to sabotage or manipulation.
Why it matters
This shows a fundamental vulnerability in how graph neural networks process relationship data: they're brittle against structural attacks that don't require sophisticated optimization or prior knowledge of the system, which means real-world deployments in finance, biotech, or infrastructure may be easier to disrupt than currently assumed.