Particle.news

Google Patches Gemini Prompt Injection Flaw That Hijacked Smart Homes

After a Black Hat USA demo showed how a poisoned calendar invite could control smart home devices, Google tightened Gemini’s security measures with filtered outputs, explicit confirmations and AI-driven checks.

Overview

  • Researchers from Tel Aviv University, Technion and SafeBreach Labs demonstrated at Black Hat USA how indirect prompt injection via a poisoned Google Calendar invite could hijack Gemini to operate lights, windows, boilers and other smart home devices.
  • The attack worked by embedding hidden instructions in calendar event descriptions that Gemini executed when asked to summarize the user’s schedule, triggering preprogrammed actions on connected devices.
  • Following the public demonstration in early August, Google patched the specific vulnerabilities in Gemini and accelerated development of broader defenses against prompt injection.
  • The new safeguards include filtering suspicious outputs, requiring explicit user confirmation for sensitive commands and deploying AI-driven detection to flag malicious prompts.
  • Security experts caution that as AI agents become more deeply integrated with apps and physical devices, similar prompt injection risks remain and will demand ongoing vigilance.
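
The "explicit user confirmation for sensitive commands" safeguard listed above can be sketched as a gate between the model and its tools. This is an added example, not Google's implementation; the class, the action names and the sample invite are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field

# Assumed action names; the article only names lights, windows and boilers.
SENSITIVE = {"lights.set", "window.open", "boiler.on"}

@dataclass
class ToolGate:
    """Holds sensitive tool calls until the user approves them out of band."""
    untrusted_sources: list = field(default_factory=list)
    pending: dict = field(default_factory=dict)

    def ingest(self, source: str, text: str, trusted: bool) -> str:
        # Record third-party content (e.g. an invite description) entering the context.
        if not trusted:
            self.untrusted_sources.append(source)
        return text

    def request(self, action: str, args: dict) -> dict:
        # Called whenever the model proposes a tool call.
        if action not in SENSITIVE:
            return {"status": "executed", "action": action}
        token = secrets.token_hex(8)
        self.pending[token] = (action, args)
        # Show the user which untrusted inputs were in context when this was proposed.
        return {"status": "needs_confirmation", "token": token, "action": action,
                "untrusted_context": list(self.untrusted_sources)}

    def confirm(self, token: str) -> dict:
        # Called only by the UI layer on an explicit user tap, never from model output.
        if token not in self.pending:
            return {"status": "rejected", "reason": "unknown or already-used token"}
        action, args = self.pending.pop(token)  # single use
        # A real system would dispatch to the device here.
        return {"status": "executed", "action": action, "args": args}

def demo():
    gate = ToolGate()
    # Constructed sample: an invite whose description carries embedded text.
    gate.ingest("calendar:invite-1", "Team sync. <embedded instruction>", trusted=False)
    summary = gate.request("calendar.summarize", {})
    held = gate.request("window.open", {"room": "living"})
    forged = gate.confirm("not-a-real-token")
    approved = gate.confirm(held["token"])
    replayed = gate.confirm(held["token"])
    return summary, held, forged, approved, replayed
```

The point of the token is that approval arrives on a channel the model cannot write to, so text in an invite that claims the user already agreed has no effect.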