Gemini prompt-injection attacks and real risks
🛡️ Two SafeBreach studies demonstrate how prompt-injection techniques can bypass layers of defenses around Google Gemini, using calendar invites or text messages as entry points. Attackers chain indirect injection, memory poisoning, delayed execution, and fake context alignment to get the assistant to perform unauthorized actions across devices. Even with Google fixes, the research highlights a persistent arms race between attackers and defenders that leaves users needing to restrict assistant access.
