Warning: Google Gemini Has Been Exploited For Invisible Phishing In Gmail

There's been a lot of discussion over the world about AI safety and guard-rails lately, but it usually revolves around obvious topics like self-harm, instructions on how to create large-scale explosives, and the like. The AI field, however, is still in its infancy, and today's security vulnerability is painfully obvious and illustrates how difficult it is to try and reason with something that only appears to have real intelligence.

The affected AI agent is the well-known Google Gemini, more specifically the variant in the Google Workspace office suite that's used by millions around the world. The gist is that any person can craft and send an email to someone who uses Gemini, which contains instructions that Gemini will blindly follow. While that kind of scenario is often accounted for and several vulnerabilities of this type have already been found and squashed, "prompt injection", as this attack is ...