Google Gemini vulnerability enables hidden phishing attacks


Activity Timeline

Google Gemini flaw hijacks email summaries for phi... (BleepingComputer, Jul 13, 14:38)
Google Gemini for Workspace vulnerable to prompt i... (IT News Security, Jul 13, 21:10)
Google Gemini vulnerability enables hidden phishing... (CSO Online, Jul 14, 14:34)
Google Gemini vulnerability enables hidden phishin... (CSO Online, Primary Article, Jul 16, 03:42)

Google Gemini vulnerability enables hidden phishing attacks
A bug in Google Gemini allows attackers to hijack email summaries and launch phishing attacks. Google Gemini for Workspace can be abused to generate email summaries that appear legitimate but contain malicious instructions or warnings. The problem is that attackers can redirect their victims to phishing sites without attachments or direct links.

The vulnerability was submitted to 0DIN (0Day Investigative Network), Mozilla’s GenAI bug bounty program. Although similar indirect prompt attacks on Gemini were already reported in 2024 and security measures were taken, the technique is still viable today, according to the expert.

How the attack works

In a blog post, GenAI bug bounty technical product manager Marco Figueroa explains that the attack relies on crafted HTML/CSS inside the email body. Because the injected text is hidden, the user never sees the instruction in the original message. The trigger happens when the user requests Gemini to summarize their unread emails, they receive a ma...
