Tenable Exposes AI Flaws in Google Gemini That Could Have Let Hackers Steal Data from Millions

Tenable, the exposure management company, has identified three vulnerabilities in Google’s Gemini suite, collectively dubbed the Gemini Trifecta. These flaws, now remediated, exposed users to significant privacy risks that could have enabled attackers to manipulate Gemini’s behavior and silently steal sensitive data such as location information and saved user memories.

The Gemini Trifecta worked across three core parts of the Gemini suite, each exposing users in different but equally dangerous ways. In Gemini Cloud Assist, poisoned log entries could be planted so that when users later interacted with Gemini, the system would unknowingly follow malicious instructions. In the Gemini Search Personalization Model, attackers could silently inject queries into a victim’s browser history, which Gemini then treated as trusted context, allowing sensitive data like saved information and location to be siphoned off. And in the Gemini Browsing Tool, attackers could trick Gemini into making hidden outbound requests that ...