BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Google Patches Gemini AI Vulnerabilities Exposing User Data

Google patches critical vulnerabilities in Gemini AI assistant exposing users to data theft and privacy risks

  • Three security flaws affecting Google‘s Gemini AI assistant were recently fixed after being disclosed by Cybersecurity researchers.
  • The vulnerabilities threatened users’ privacy by enabling data theft through prompt injections and search manipulations.
  • Each flaw targeted a different element of the Gemini suite: Cloud Assist, Search Personalization model, and Browsing Tool.
  • Google has since strengthened defenses by stopping hyperlink rendering in logs and enhancing protections against prompt injection attacks.
  • The findings emphasize that AI tools themselves can be exploited as attack platforms, highlighting the need for strict security measures.

Google has patched three security vulnerabilities found in its Gemini Artificial Intelligence assistant that could have exposed users to privacy risks and data theft. The flaws were revealed by cybersecurity researchers on September 30, 2025, who identified methods attackers might have used to access sensitive information.

- Advertisement -

The security issues, called the Gemini Trifecta, affected three components of the Gemini suite. They included a prompt injection vulnerability in Gemini Cloud Assist, a search-injection flaw in the Gemini Search Personalization model, and a prompt injection risk in the Gemini Browsing Tool.

Tenable researcher Liv Matan detailed that the Cloud Assist defect allowed threats actors to embed malicious prompts in HTTP requests, targeting various cloud services like Cloud Run and App Engine. The Search Personalization flaw let attackers manipulate Chrome search history via JavaScript to control the AI’s responses and leak saved data. The Browsing Tool vulnerability enabled exfiltration of user information by exploiting its webpage summarization function.

One possible attack involved prompting Gemini to query all public assets or misconfigurations in cloud settings and sending the sensitive data to a malicious server. According to Matan, “This should be possible since Gemini has the permission to query assets through the Cloud Asset API.”

Following responsible disclosure, Google disabled hyperlink rendering in log summaries and implemented additional safeguards to prevent prompt injection. Matan commented, “The Gemini Trifecta shows that AI itself can be turned into the attack vehicle, not just the target.” She stressed the importance of visibility and strict policy enforcement to secure AI tools.

- Advertisement -

The vulnerabilities highlight the increasing attack surface as AI software integrates more deeply into systems. In a related case, security firm CodeIntegrity described a data exfiltration method using prompt instructions hidden in PDF files for Notion’s AI agent, demonstrating ongoing risks when AI tools have broad workspace access.

This collection of security issues serves as a reminder that advancing AI capabilities requires parallel investments in protecting these technologies from abuse.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Saylor Rage-Quits Channel 4 Over Bitcoin Grilling

Michael Saylor ended a Channel 4 interview by accusing the reporter of being offensive...

Linux ‘Bad Epoll’ Bug Grants Any User Root Access

A critical Linux kernel flaw, Bad Epoll (CVE-2026-46242), allows a standard user to gain...

Crypto Bill Fails to Meet White House July 4 Deadline

The White House will miss its July 4 deadline for passing a cryptocurrency market...

Alphabet Undervalued Despite Record Growth, AI Push

Alphabet (GOOGL) stock is deemed undervalued despite record revenue and strong AI positioning, trading...

PamStealer Malware Targets MacOS Users, Steals Data

A new macOS malware, PamStealer, is actively targeting cryptocurrency users by stealing wallet data...

Must Read

How Much Money Do You Need To Start In Crypto?

TL;DR -If you are wondering How Much Money Do You Need To Start In Crypto, note that is less than you are probably thinking....
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading