Researchers have identified a significant vulnerability in Google Gemini on Android, where content from app notifications can be interpreted as commands. This means malicious text within notifications from apps like WhatsApp or Slack could trick Gemini into executing actions such as opening websites, sending messages, or making calls without requiring any malicious app installation. The issue stems from Gemini's inability to distinguish between regular notification data and potentially harmful instructions, leading to risks of session hijacking and persistent memory poisoning.

AI IMPACT: This vulnerability highlights a critical security gap in LLM-based assistants, potentially impacting user trust and data security across various platforms.
AI-generated summary · Google Gemini · from 1 source.