"Security researchers have revealed a flaw in Google's Gemini AI assistant that allowed attackers to quietly pull private calendar data from users with nothing more than carefully crafted language hidden in a meeting invite. The vulnerability was uncovered by cybersecurity firm Miggo, which said it found a way to bypass Google Calendar's privacy controls by embedding hidden instructions in a calendar event description. In a blog explaining the research, Miggo said the flaw showed how AI systems can be manipulated through normal language rather than malicious code."
""Because Gemini automatically ingests and interprets event data to be helpful, an attacker who can influence event fields can plant natural language instructions that the model may later execute," Miggo explained. In the attack scenario, an attacker sent a calendar invite to a victim. Hidden in the event's description was a prompt written in plain language. It did not look suspicious and did not require the victim to click anything. The malicious instructions remained dormant until the victim later asked Gemini a normal question, such as whether Gemini was free on a certain day."
Security firm Miggo discovered a vulnerability that allowed hidden natural-language instructions embedded in Google Calendar event descriptions to bypass privacy controls. Gemini automatically ingests event titles, descriptions, times, and attendee details to answer scheduling queries, which allowed an attacker who could influence event fields to plant prompts. An attacker could send a calendar invite containing a dormant prompt; when the victim later asked Gemini a routine question, the model executed the hidden instructions. Gemini then summarized private meetings and wrote that information into a newly created calendar event, enabling unauthorized access to private meeting data and the creation of deceptive events.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]