TECH NEWS

Hackers could use poisoned WhatsApp and Slack notifications to take over your Google Gemini – and make it work on…

https://cdn.mos.cms.futurecdn.net/mfPaYGQmks2VALWFFBnSej-2000-80.jpg
  • Prompt injection flaw found in Android Gemini
  • Malicious notifications mix benign and hidden commands
  • Google patched issue server‑side last November

Prompt injection attacks are not reserved for email messages or calendar entries only. They can also be done on Android, using pretty much any communications platform in existence today. This is what SafeBreach's researcher Or Yair said in a new report.

A prompt injection attack works by “injecting” a prompt where it shouldn’t be one. For example, a benign email could have a prompt hidden in white text on a white background, or written with a font size 0, so that the human cannot see it. However, if the victim tells their AI assistant to “read the emails and sort them out”, the assistant might treat the hidden text as a prompt, and do the evil bidding for the attackers.

The core of the problem lies in the fact that...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

Read more