Tenable Research identified three distinct vulnerabilities in Google’s Gemini, showing how modern AI platforms can be leveraged as both targets and vehicles of attack:
Search-injection attacks targeting the Search Personalization Model
Log-to-prompt injection attacks abusing Gemini Cloud Assist’s log summarization features
Exfiltration of saved data and location through the Gemini Browsing Tool
These vulnerabilities demonstrate that the tools designed to streamline user interactions with information are also susceptible to creative attack chains.
https://cyberpress.org/gemini-vulnerabi ... google-ai/