Google has chosen not to address a new ASCII smuggling attack in Gemini that can manipulate AI responses and compromise data integrity. This vulnerability highlights the growing risks associated with large-language models and their integration with sensitive systems. #ASCIIsmuggling #GoogleGemini
Keypoints
- ASCII smuggling uses hidden Unicode characters to embed malicious payloads in AI inputs.
- Google Gemini and other AI tools like DeepSeek and Grok are vulnerable to these attacks.
- The attack can manipulate Calendar invites and emails embedded with hidden instructions.
- Google dismissed the issue as non-security-related, ignoring the potential data exploitation risks.
- Other companies, like Amazon, have published security guidelines for Unicode character smuggling.
Read More: https://www.bleepingcomputer.com/news/security/google-wont-fix-new-ascii-smuggling-attack-in-gemini/