A manipulated notification via WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could hijack Google Gemini on Android devices and force it to execute arbitrary actions without requiring a malicious app to be installed on the phone.
Prompt injection vulnerability in Google Gemini Voice Assistant enables hidden malicious commands through manipulated notifications, potentially leading to social engineering and data misuse.
Meta connected its support chatbot directly to critical account management functions, giving attackers an easy way to hijack accounts without authorization.
Barely perceptible acoustic signals embedded in audio files can covertly manipulate AI speech models into data exfiltration or network access, while conventional security mechanisms fail to detect 70–93 percent of attacks.