Researchers demonstrated how to bypass Google Gemini’s defenses using natural language instructions to leak private calendar data via malicious calendar invites. The attack exploits Gemini’s automatic data parsing and reasoning capabilities, enabling sensitive information exfiltration without triggering security alerts. #GoogleGemini #PromptInjection
Key points
- Researchers found a way to bypass Google Gemini’s security using natural language prompts.
- The attack involves malicious calendar invites with embedded prompt-injection payloads.
- A victim’s question about their schedule triggers Gemini to reveal private calendar details without the victim knowing.
- The exploit allows sensitive data to be leaked within calendar event descriptions.
- Google has implemented new mitigations after the vulnerability was disclosed by researchers.