The indirect prompt injection vulnerability allows an attacker to weaponize calendar invites to circumvent Google’s privacy controls and access private data.
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/google-gemini-flaw-calendar-invites-attack-vector
