Google Gemini exploited via calendar prompt injection
⚠️ Researchers disclosed an indirect prompt-injection flaw that allowed Google Gemini to bypass calendar privacy controls and exfiltrate meeting data. A crafted Google Calendar invite could hide a natural-language payload that Gemini later parsed, summarized, and wrote into new events whose descriptions leaked private meeting content. Miggo Security reported the issue and said it has been responsibly disclosed and addressed, highlighting how AI-native features increase the attack surface when assistants can read, summarize, and write into productivity services.
