Recent research has uncovered a critical vulnerability in Google Workspace’s AI assistant, Gemini. The study reveals that Gemini can be manipulated to display hidden malicious instructions within emails, using techniques such as plain HTML formatting or invisible font colors. Recipients cannot see this text, yet Gemini reads it aloud in summaries, potentially causing users to misinterpret these prompts as legitimate alerts, leading to unintended sharing of sensitive information.
Researcher blurrylogic highlights the risks associated with this vulnerability. In response, Google is proactively addressing the issue by retraining its models to ignore harmful instructions and enhancing its phishing countermeasures, such as identifying rogue links. While Google’s swift action is commendable, users are advised to remain cautious and skeptical about the information provided by Gemini, especially when it comes to unusual requests or warnings.
For more insights into tech security and AI vulnerabilities, stay informed through reputable sources.
Source link
