Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Architects Look to Beautify Data Centers as AI Expansion Sparks Local Resistance

      July 17, 2026

      The AI Gold Rush’s House of Cards: When Financial Engineering Begins to Eclipse Innovation

      July 17, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        Safely Recycling an Old PC Starts With Protecting Your Data

        July 17, 2026

        Trump Takes Measured Approach to Winning the Quantum Race

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026
      • AI

        Architects Look to Beautify Data Centers as AI Expansion Sparks Local Resistance

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        China Uses Open-Source AI Push to Expand Global Influence

        July 17, 2026

        Starbucks’s AI Shift Signals Growing Revolt Against Legacy Enterprise Software

        July 16, 2026

        New AI Safety Proposal Calls for U.S.-China Pause on Frontier AI Development

        July 16, 2026
      • Security

        Safely Recycling an Old PC Starts With Protecting Your Data

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        China Uses Open-Source AI Push to Expand Global Influence

        July 17, 2026

        New AI Safety Proposal Calls for U.S.-China Pause on Frontier AI Development

        July 16, 2026

        Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

        July 16, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        Trump Takes Measured Approach to Winning the Quantum Race

        July 17, 2026

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Critical GeminiJack Zero-Click Vulnerability in Google Gemini Enterprise Exposed Corporate Data
      Tech

      Critical GeminiJack Zero-Click Vulnerability in Google Gemini Enterprise Exposed Corporate Data

      Updated:February 21, 20265 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Critical GeminiJack Zero-Click Vulnerability in Google Gemini Enterprise Exposed Corporate Data
      Critical GeminiJack Zero-Click Vulnerability in Google Gemini Enterprise Exposed Corporate Data
      Share
      Facebook Twitter LinkedIn Pinterest Email

      A newly discovered zero-click security flaw in Google‘s Gemini Enterprise AI, dubbed GeminiJack, allowed attackers to silently access and exfiltrate sensitive corporate data — including Gmail messages, Calendar events, and Google Docs — without any user interaction, by embedding hidden instruction payloads in shared Workspace files that the AI would execute during routine searches. This architectural weakness was identified by Noma Labs, reported to Google, and subsequently patched; the exploit leveraged indirect prompt injection to bypass traditional defenses and acted through the AI’s Retrieval-Augmented Generation mechanisms.

      Sources: Cyber Security News, Security Affairs

      Key Takeaways

      – Zero-Click Exploit: GeminiJack allowed data theft without any clicks or alerts, turning shared Workspace content into a launch pad for silent extraction of corporate information.

      – Architectural Weakness: The vulnerability stemmed from how Gemini’s AI accessed and interpreted shared data across Gmail, Calendar, and Docs within corporate environments.

      – Patch and Future Risks: Google patched the flaw in collaboration with researchers, but this incident highlights broader risks as AI agents gain deep access to enterprise data.

      In-Depth

      In early December 2025, cybersecurity researchers uncovered a serious vulnerability in Google’s enterprise AI platform, Gemini Enterprise, that underscored the emerging cybersecurity challenges posed by advanced artificial intelligence systems. The flaw, named GeminiJack, was not your typical software bug — it was a structural weakness in how the AI processed and acted on content retrieved from corporate resources such as Gmail, Google Calendar, and Google Docs. Unlike classic exploits that depend on phishing or user mistakes, GeminiJack could be triggered without any user interaction at all, earning it the designation zero-click. The discovery was made by Noma Labs, a security firm specializing in AI risk, which reported the issue to Google as part of coordinated responsible disclosure. Google responded by releasing fixes that altered the way Gemini Enterprise and associated services like Vertex AI Search handle retrieval and instruction processing, aiming to close the gap that allowed the exploit.

      At the heart of GeminiJack was an indirect prompt injection technique. Attackers could embed hidden commands in seemingly benign shared content — a Calendar invite, a shared Google Doc, or even a Gmail message — that the AI would unwittingly interpret as legitimate instructions when included in the AI’s context during standard searches. Because Gemini Enterprise uses a Retrieval-Augmented Generation (RAG) architecture to pull together information from multiple corporate data sources, the presence of a malicious prompt could cause the AI to execute unauthorized queries across Gmail threads, calendar entries, and document repositories. The results of those queries could then be exfiltrated via a disguised network request embedded in an image tag, all without triggering alerts from data loss prevention systems or endpoint security tools.

      One of the most alarming aspects of this vulnerability was the lack of visible symptoms. From the employee’s perspective, everything looked normal: routine searches returned expected results. Security teams would see routine traffic with no malicious binaries, phishing links, or suspicious user behavior. Yet behind the scenes, sensitive communications, strategic documents, and internal calendars could be siphoned off in bulk to an attacker-controlled server. This starkly illustrated how AI tools with broad access privileges can become powerful attack surfaces if not rigorously constrained and monitored.

      Industry coverage of GeminiJack highlighted the potential scale of the problem. Security outlets reported that the vulnerability could have impacted millions of users within organizations that deployed Gemini Enterprise with broad data access permissions. In contrast to more isolated bugs, GeminiJack represented a new class of AI-native exploits driven by how machine learning systems interpret and act on context, rather than by flaws in conventional code execution paths. This distinction matters: defenses designed for traditional malware — signatures, network heuristics, and behavioral alarms — are ill-suited to detect an AI system dutifully following its programming while inadvertently assisting an attacker.

      Google’s response was swift once it understood the severity. The company worked with Noma Labs to validate the findings, then rolled out a fix that separated components like Vertex AI Search from Gemini Enterprise’s internal workflows and tightened the systems’ handling of retrieved content and instructions. But experts emphasized that patching a single flaw does not eliminate the broader category of risks inherent in generative AI systems with deep data access. As organizations increasingly integrate machine learning tools into core workflows, the need for AI-specific security practices — including prompt sanitization, strict access controls, and real-time monitoring of AI behavior — has become more urgent. Traditional security teams may need to adapt their playbooks to account for scenarios where the AI itself, rather than external malware, becomes the vector.

      The GeminiJack incident serves as a cautionary tale: while AI offers productivity gains, it also introduces new vectors for data exfiltration that are fundamentally different from conventional cyberattacks. As this class of vulnerabilities grows, defenders will need to rethink how to protect sensitive enterprise assets in an era where sophisticated AI assistants are woven into daily operations.

      Google iPhone
      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticleCritical 7-Zip Vulnerability With Public Exploit Requires Manual Update
      Next Article Critical Gogs Zero-Day Under Active Exploitation Compromises 700+ Git Instances

      Related Posts

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Trump Takes Measured Approach to Winning the Quantum Race

      July 17, 2026

      U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

      July 17, 2026

      Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

      July 16, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Trump Takes Measured Approach to Winning the Quantum Race

      July 17, 2026

      U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

      July 17, 2026

      Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

      July 16, 2026
      Popular Topics
      Stocks Startup trending Sundar Pichai Software Satellite Satya Nadella Series B starlink spotlight UAE Tech Tesla Cybertruck Tim Cook Viral Samsung Series A Tesla Taiwan Tech SpaceX Space
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.