Jan 21, 2026
Google AI csam gemini
’s for Workspace has been shown vulnerable to “indirect prompt injection” that allows hidden HTML/CSS instructions embedded in email bodies to manipulate Gemini’s summaries and push fraudulent securit...
Calendar Exfiltration
Other researchers expanded the threat model to calendar exfiltration and misleading event creation, illustrating that natural-language APIs and assistant features can be manipulated to leak or misrepresent private data.