BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Gemini AI Hijacked Via Fake Android Notifications

Gemini exploit hijacked voice via fake notification, now patched by Google.

  • A researcher bypassed Google’s security updates for its Gemini voice assistant on Android using a technique called Fake Context Alignment.
  • The exploit allowed a single poisoned notification from apps like WhatsApp or Signal to hijack the assistant, potentially controlling smart devices or poisoning its long-term memory.
  • Google has since patched the vulnerability server-side, and there is no evidence it was ever used in real-world attacks.
  • Users can mitigate risk by disabling Gemini’s notification-reading feature in their device settings.

In June 2026, cybersecurity researcher Or Yair from SafeBreach demonstrated a critical new way to exploit Google’s Gemini AI on Android devices. A single malicious notification from any major messaging app could have hijacked the voice assistant, according to the research published by the firm. This followed earlier work on calendar-based exploits, which Google had already attempted to harden against.

- Advertisement -

The attack exploited Gemini’s Utilities feature, which reads notifications to provide context. Consequently, any service that could push a notification created what Yair called an “effectively infinite” attack surface. No malicious app was required on the victim’s phone for the initial intrusion to succeed.

Yair’s technique, Fake Context Alignment, cleverly bypassed Google’s post-“Invitation” security checks. It involved obfuscating the real authorization prompt in a foreign language or hiding it in a muted hyperlink. The user would hear a harmless question and reply “Yes,” while the system linked that consent to the hidden, malicious command.

The potential impacts were severe, ranging from smart home control to memory poisoning. An attacker could, for example, force a phone to join a Zoom call or persistently save a false fact to the user’s account. “The poisoned fact isn’t stuck on the phone; it follows the victim wherever they use Gemini on that account,” the report stated.

SafeBreach reported the vulnerability to Google in August 2025, and the company confirmed a fix by November. Meanwhile, the fix is server-side, so no user app update is needed. The only direct control for users is to disconnect Gemini’s notification access in their Android settings.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Hacker leaks Suno source code, confirms massive music scraping

A Hacker using the Shai-Hulud worm breached AI music platform Suno and leaked source...

Analysts, traders: Stripe-Advent offer undervalues PayPal

A reported $53.4 billion takeover offer from Stripe and Advent International at $60.50 per...

Robinhood Chain’s memecoin boom fizzles as tokens die and launchpads pause

Robinhood Chain launched on July 1 for real-world assets, but its first week was...

BitPay secures MiCA license, expands EU stablecoin payments

BitPay secured a license as a crypto-asset service provider from the Dutch Authority for...

n8n bug lets one token claim login into wrong user account

A critical identity-binding flaw in n8n's token exchange allowed account takeover when multiple external...

Must Read

Best Crypto Audiobooks of 2026: The Ultimate Listen & Learn Guide

You can't read Bitcoin charts while driving 70 mph on the highway. You can't study Ethereum whitepapers during your morning run. But you can...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading