Security researchers uncovered three vulnerabilities in Google’s Gemini AI assistant, dubbed the “Trifecta.” Although now patched, these issues raise significant concerns about AI safety in everyday services. The vulnerabilities affected three key components:
-
Gemini Cloud Assist could be exploited through hidden prompts in web requests, allowing attackers to embed malicious instructions, potentially gaining control over cloud resources.
-
Gemini Search Personalization Model could inject harmful prompts via a website, risking the leak of users’ personal data when interacting with Gemini’s search features.
-
Gemini Browsing Tool might inadvertently send sensitive user information to malicious servers while summarizing web pages.
Google has since blocked dangerous links and enhanced Gemini’s defenses. Although the risks are mitigated, users should exercise caution by avoiding suspicious websites, keeping software updated, managing shared information with AI tools, and using real-time anti-malware solutions. Stay informed about AI security, as threats evolve continually. Download Malwarebytes for proactive protection against cyber risks.
