WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
highnews
securitysafety
Source: The Hacker NewsJune 3, 2026
Summary
A vulnerability in Google Gemini's Android voice assistant could be hijacked through poisoned notifications from apps like WhatsApp or Slack, allowing attackers to manipulate what Gemini says, open windows, fake messages, or launch apps without needing malicious software on the phone. The attack works by treating hostile notification text as instructions the assistant should follow. Google has already patched this vulnerability, and there is no evidence it was exploited in the real world.
Solution / Mitigation
Google has since patched it.
Classification
Attack Type
Jailbreak
Attack SophisticationAdvanced
Impact (CIA+S)
integrityconfidentiality
Affected Vendors
Google
Related Issues
Monthly digest — independent AI security research
Original source: https://thehackernews.com/2026/06/whatsapp-slack-notifications-could.html
First tracked: June 3, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%