
Google Patches “Gemini Trifecta” Vulnerabilities in Gemini AI Suite


Cybersecurity firm Tenable found three critical flaws allowing prompt injection and data exfiltration from Google’s Gemini AI. Learn why AI assistants are the new weak link.

Cybersecurity researchers at Tenable recently discovered three critical security flaws within Google’s Gemini AI assistant suite, which they’ve dubbed “Gemini Trifecta.” These vulnerabilities, publicly disclosed around October 1, 2025, left Gemini exposed to prompt injection and data exfiltration, putting users at risk of having their personal data stolen.

How Attackers Could Hijack Your Data

These issues originate from vulnerabilities in three distinct components of the Gemini system. Researchers demonstrated each vulnerability with successful Proof-of-Concept (PoC) attacks. Here’s a detailed review of the detected flaws:

Gemini Search Personalization Model

This flaw allowed prompt injection via manipulation of a user’s Chrome search history. Researchers successfully demonstrated this using a clever JavaScript trick from a malicious website to write a hidden prompt ...


Copyright of this story solely belongs to hackread.com.