Hidden in Plain Sight: How Notification Prompt Injection Can Hijack Your AI Assistant

Malicious Notifications Could Trick Google Gemini Users

SafeBreach found a prompt injection flaw in Gemini enabling unauthorized commands via voice notifications; Google patched it. For IT leaders, this signals that AI architecture risks require treating all external input as untrusted and enforcing strict access controls to prevent social engineering and unauthorized device access.