Google has warned Gmail users about a new cyber threat involving prompt injections that can manipulate AI, leading to deceptive security alerts. Researchers from 0din, Mozilla’s zero-day investigation group, showcased how attackers exploit vulnerabilities in Google Gemini’s summarization features. They demonstrated a scenario where hidden prompts in a malicious email, written in white-on-white font, trick Gemini into creating phishing warnings that appear legitimate.
This indirect prompt injection leverages invisible HTML tags to execute harmful commands. Despite Google’s mitigations since 2024, these tactics remain a significant risk. Experts emphasize that Gemini’s summaries should not be considered reliable security sources and recommend training users to identify potential threats.
Users are urged to delete emails with unexpected AI-generated security warnings, as these may be weaponized. As AI use increases, industry-wide countermeasures and stronger user protections are essential to combat these emerging cyber threats.
Source link