570 matches found
gemini-exploit
Project Demo - Totally Legitimate Software Overview This...
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence AI chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to...
Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin”
Scammers have found a new use for AI: creating custom chatbots posing as real AI assistants to pressure victims into buying worthless cryptocurrencies. We recently came across a live "Google Coin" presale site featuring a chatbot that claimed to be Google's Gemini AI assistant. The bot guided...
AI Arms and Influence: Frontier Models Exhibit Sophisticated Reasoning in Simulated Nuclear Crises
Today's leading AI models engage in sophisticated behaviour when placed in strategic competition. They spontaneously attempt deception, signaling intentions they do not intend to follow; they demonstrate rich theory of mind, reasoning about adversary beliefs and anticipating their actions; and th...
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence AI model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber...
Security Assessment of Intel TDX with Support for Live Migration
In the second and third quarters of 2025, Google collaborated with Intel to conduct a security assessment of Intel Trust Domain Extensions TDX, extending Google's previous review and covering major changes since Intel TDX Module 1.0 - namely support for Live Migration and Trusted Domain TD...
AI chat app leak exposes 300 million messages tied to 25 million users
An independent security researcher uncovered a major data breach affecting Chat & Ask AI, one of the most popular AI chat apps on Google Play and Apple App Store, with more than 50 million users. The researcher claims to have accessed 300 million messages from over 25 million users due to an...
Google Gemini Enterprise 安全漏洞
Google Gemini Enterprise is a generative AI platform developed by Google, Inc. of the United States. There is a security vulnerability in Google Gemini Enterprise, which stems from the use of predictable Google Cloud Storage bucket names. This vulnerability may allow attackers to preemptively tak...
Whispers of Wealth: Red-Teaming Google's Agent Payments Protocol Via Prompt Injection
Large language model LLM based agents are increasingly used to automate financial transactions, yet their reliance on contextual reasoning exposes payment systems to prompt-driven manipulation. The Agent Payments Protocol AP2 aims to secure agent-led purchases through cryptographically verifiable...
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
CVE-2026-0755 affects the gemini-mcp-tool, specifically the execAsync method. The flaw is an OS command injection (CWE-78) caused by insufficient validation of user-supplied input before it is used in a system call, enabling unauthenticated remote code execution. Attackers could run arbitrary cod...
CVE-2026-0755 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
Google Gemini MCP Tool operating system command injection vulnerability
Google Gemini MCP Tool is a tool component developed by Google Inc., based on large model context protocols. Google Gemini MCP Tool has a vulnerability related to operating system command injection. This vulnerability stems from the execAsync method, which executes system calls without verifying...
context_compaction
Google ADK Context Compaction POC A proof of concept demonstr...
Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security's Head of Research, Liad...
Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites
Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security...
BIT-KIBANA-2026-0532 External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector
External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...