Overview
- In an August 19 blog post, Google flagged an emerging attack that manipulates instruction‑tuned models by turning ordinary content into covert commands.
- The technique embeds malicious prompts inside emails, documents, or calendar invites that AI tools process, potentially leading to data leaks or unauthorized transactions.
- Coverage cites Google’s roughly 1.8 billion Gmail accounts to show the scale of possible exposure as generative AI becomes more widely used.
- News reports, citing security expert Scott Polderman, claim emails with hidden commands can cause Gemini to reveal passwords without users clicking anything.
- Google has begun rolling out protections that strengthen Gemini 2.5 and use machine‑learning systems to flag suspicious prompts. Guidance urges users to treat AI summaries cautiously and to consider disabling smart features for risky messages.