Hackers Could Use Poisoned WhatsApp and Slack Notifications to Take over Your Google Gemini – and Make It Work on Their Behalf

Google Gemini security flaw lets hackers hijack your Android phone via WhatsApp — what you need to know

A Google Gemini security flaw can leave Android phones vulnerable through WhatsApp messages

Hackers could use poisoned WhatsApp and Slack notifications to take over your Google Gemini – and make it work on their behalf

Prompt injection works on Android notifications, as well, and could have been used for a myriad of things.

WhatsApp Messages on Android Expose New Gemini AI Security Risk

SafeBreach researchers showed how hidden commands in Android notifications could trick Google Gemini through indirect prompt injection.

A WhatsApp Message Could Have Hijacked Gemini AI

A single poisoned notification could have hijacked Google Gemini’s voice assistant on Android. The malicious message could come from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger. Once triggered, it could open a victim’s connected windows, fake a message from their boss, force the phone into a Zoom call, or quietly poison Gemini’s long-term memory. Crucially, […] The post A Single WhatsApp Notification Could Have Hacked Your Gemini AI, R…

New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS

A new class of indirect prompt injection (IPI) attacks targets Google Gemini’s voice assistant, allowing attackers to silently hijack the AI through malicious payloads delivered via everyday messaging apps, including WhatsApp, Slack, Signal, SMS, Instagram, and Messenger. The research, led by Or Yair, Security Research Team Lead at SafeBreach, builds on the firm’s earlier “Invitation Is All You Need” disclosure, which weaponized Google Calendar …