{"data":{"id":"374c6687-7e41-49a5-a6c2-7e63cf1388e7","title":"Gemini Voice Assistant Hijacked via Messaging Notifications","summary":"Researchers discovered a critical vulnerability in Google's Gemini voice assistant where attackers could inject malicious commands through messaging notifications (WhatsApp, Slack, SMS) using a technique called Fake Context Alignment, allowing them to control smart home devices, make calls, and manipulate the assistant without the user knowing. The attack exploited prompt injection (tricking an AI by hiding instructions in its input) by embedding hidden commands in foreign languages or muted links that Gemini would process but not read aloud. Google patched the vulnerability in November 2025 with content classifier improvements (software filters that categorize and block harmful content).","solution":"Google patched the vulnerability in mid-November 2025 with content classifier improvements.","labels":["security","safety"],"sourceUrl":"https://www.securityweek.com/gemini-voice-assistant-hijacked-via-messaging-notifications/","publishedAt":"2026-06-04T12:57:37.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","rag_poisoning"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google","Gemini","Google Home","Google Workspace","WhatsApp","Slack","Zoom"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-04T12:57:37.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}