Google fixes Gemini Android flaw from malicious notifications

Suomi

A vulnerability in Google Gemini on Android allowed crafted notifications from apps like WhatsApp and Slack to manipulate the AI's responses and connected tools. The issue, discovered by SafeBreach, has been addressed through server-side changes.

SafeBreach researchers identified the flaw while testing Gemini’s Android Utilities feature, which reads and responds to phone notifications. The problem enabled prompt injection attacks using alerts from messaging and social apps including WhatsApp, Slack, SMS, Signal, Instagram, and Messenger. The technique, called Fake Context Alignment, created dual scenarios that bypassed security checks. One appeared legitimate to Gemini while presenting a benign version to the user. Or Yair, security research team lead at SafeBreach, published the findings on June 3. Google resolved the issue with server-side content-classifier improvements. No evidence of real-world exploitation was found, and no app update was required for users. Researchers noted that the attack did not need a malicious app on the device. Users can reduce risk by disabling Gemini’s Utilities app or the Google app’s notification permissions. The discovery follows earlier research on calendar-based attacks against the AI.

Liittyvät artikkelit

Illustration of a person checking their phone for a spoofed call warning on Android, highlighting Google's new deepfake detection feature.
AI:n luoma kuva

Google adds detection for spoofed calls to Android phones

Raportoinut AI AI:n luoma kuva

Google is rolling out a new feature to Android devices that detects impersonation scams involving spoofed calls. The update targets the rising threat of AI-generated deepfake voices in financial fraud. It begins deploying this month on phones running Android 12 and higher.

Google Chrome installs Gemini Nano AI model without user consent

Google has been quietly installing a 4GB AI model called Gemini Nano onto some Chrome browsers without notifying users. Computer scientist Alexander Hanff raised the issue after discovering the file on his devices. The company says the model supports on-device features like scam detection and has provided ways to disable it.

Google updates Home app with Gemini-powered camera features

Raportoinut AI

Google has rolled out enhancements to its Google Home app, improving camera navigation and controls with Gemini AI integration. The update also brings Gemini 3.1 to the voice assistant for early access users, enabling better handling of complex commands. New automation options expand smart home capabilities.

Teknologia

Google debuts Gemini Spark AI agent at I/O conference

Teknologia

UK study reveals AI agents evading safeguards in user interactions

Teknologia

Meta patches ai chatbot flaw used to hijack instagram accounts

Google rolls out Skills feature in Chrome for reusable Gemini prompts

Google has begun rolling out a new 'Skills' feature in its Chrome browser on desktop, enabling users to save and quickly reuse custom Gemini AI prompts. The update makes it easier to repeat tasks like calculating protein in recipes or comparing products across tabs. Skills sync across devices when signed into a Google account and include a library of premade prompts.

Android malware returns disguised as TikTok or streaming apps

Raportoinut AI

A banking trojan has resurfaced on Android devices, posing as popular apps including TikTok and various streaming services.

21. toukokuuta 2026 11.42

Google expands Gemini AI across devices and homes

12. toukokuuta 2026 23.36

Google announces gemini intelligence and new googlebooks laptops

30. huhtikuuta 2026 06.14

Google's Gemini AI generates files directly in chats

23. huhtikuuta 2026 05.31

Google brings back continued conversations to Gemini for Home

16. huhtikuuta 2026 00.18

Google launches native Gemini app for macOS

Tämä verkkosivusto käyttää evästeitä

Käytämme evästeitä analyysiä varten parantaaksemme sivustoamme. Lue tietosuojakäytäntömme tietosuojakäytäntö lisätietoja varten.
Hylkää