Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
The Hacker News • • business
Key Points:
- Researchers disclosed a security flaw exploiting indirect prompt injection in Google Gemini, enabling attackers to bypass Google Calendar's privacy controls and extract private meeting data via malicious calendar invites.
- The attack activates when a user innocently queries Gemini about their schedule, causing the AI to summarize private meetings in a new calendar event visible to the attacker, allowing data exfiltration without user interaction.
- This vulnerability highlights how AI-native features can expand attack surfaces, with risks emerging from language manipulation and AI behavior at runtime rather than traditional code flaws.
- Recent related findings include privilege escalation vulnerabilities in Google Cloud Vertex AI, multiple security flaws in AI tools like The Librarian and Cursor IDE, and issues with AI coding assistants failing to enforce critical security controls.
- Experts emphasize the need
