{"data":{"id":"a83885cb-cce3-4953-affe-e3edb099d6f0","title":"Google Workspace’s continuous approach to mitigating indirect prompt injections","summary":"Indirect prompt injection (IPI) is a security threat where attackers hide malicious instructions in data or tools that an AI system uses, potentially influencing how it behaves without direct user input. Google treats IPI as an ongoing challenge rather than a one-time problem to solve, using multiple continuous strategies including human red-teaming (adversarial simulations), automated red-teaming (machine-learning-driven attack testing), a vulnerability rewards program for external researchers, and monitoring of publicly disclosed attacks to stay ahead of evolving threats.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"http://security.googleblog.com/2026/04/google-workspaces-continuous-approach.html","publishedAt":"2026-04-02T16:00:00.003Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google","Google Workspace","Gemini"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-02T16:00:00.003Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}