Zero-Click Vulnerability Let Attackers Weaponize Enterprise AI Assistant. Google patched a vulnerability in Gemini Enterprise that allowed attackers to steal corporate data through a shared document, calendar invitation or email without any user action or security alerts. No malware was executed, no credentials were phished and no data left through approved channels.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/google-patches-ai-flaw-that-turned-gemini-into-spy-a-30236
