Google Confirms AI-Driven Attack Vulnerability in Gmail

Gmail hit by AI prompt injection attack via calendar

Hidden instructions in emails, files, and calendar invites can trick AI assistants into leaking private information, Google confirms. Google has confirmed a security vulnerability involving a new AI-driven attack that can compromise Gmail accounts. The company noted that the threat "is not specific to Google" and highlights the need for stronger defenses against prompt injection attacks. The attack uses malicious instructions hidden inside seemingly harmless items like emails, attachments, or calendar invitations. While these instructions are invisible to a human user, an AI assistant can read and execute them. Researcher Eito Miyamura demonstrated the vulnerability in a video posted on X. We got ChatGPT to leak your private email data. All you need? The victim's email address. AI agents like ChatGPT follow your commands, not your common sense... with just your email, we managed to exfiltrate all your private information. The attack can be triggered by a specially crafted calendar invite that the user does not even need to accept. When the user asks their AI assistant to perform a routine task like checking their calendar, the AI reads the hidden command in the invite. The malicious command then instructs the AI to search the user's private emails and send the data to the attacker. Google previously warned about this type of threat in June, stating that instructions embedded in documents or calendar invites could instruct AI to "exfiltrate user data or execute other rogue actions." The company is now implementing defenses and advising users on how to protect themselves. Remember, AI might be super smart, but can be tricked and phished in incredibly dumb ways to leak your data.

Is your Gmail safe? Google exposes alarming AI hacking threats- here's what you need to know

Google confirms a Gmail warning about a new AI-driven attack. This attack can compromise email accounts. It uses prompt injection techniques hidden in emails and calendar invites. Attackers can potentially extract private data. Google is implementing measures to detect and block malicious prompts. Users should enable the 'known senders' setting in Google Calendar. This helps prevent unwanted calendar invites. Gmail users are worried about a new cyber threat where hackers are now apparently using AI to break into accounts. However, this threat "is not specific to Google." It shows how AI prompt injection is becoming more dangerous. The company says that urgent protections are needed to stop bad instructions from getting into emails and calendar invites. Researchers in security showed how hackers could use AI to get into Gmail. The hack starts with a fake calendar invite that the victim doesn't have to accept. The user's AI assistant checks the calendar and then, without the user knowing, follows secret instructions to look through emails and send private information to the attacker's address, as per a report by Forbes. ALSO READ: iOS 26 launched - See the exciting new features coming today Eito Miyamura posted on X, attaching a video of an attack on Gmail, "We got ChatGPT to leak your private email data." "All you need? The victim's email address." As "AI agents like ChatGPT follow your commands, not your common sense," he warned, "with just your email, we managed to exfiltrate all your private information." Prompt injection is a type of cyberattack in which hidden commands are put into emails, files, or invitations. AI systems often follow these instructions without question, even though users can't see them. This makes them very useful for hackers, as per a report by Forbes. ALSO READ: Charlie Kirk's shocking remarks over women and their career goals days before his death- Here's what he said Google has admitted that the threat is real and that it affects the whole industry, not just Gmail. "It illustrates why developing robust protections against prompt injection attacks is important." "Our model training with adversarial data significantly enhanced our defenses against indirect prompt injection attacks in Gemini 2.5 models," stated Google. ALSO READ: Is Tyler Robinson a republican? Here's the political affiliation of the suspect arrested for the assassination of Charlie Kirk The company says that its Gemini 2.5 models already have better protections against indirect prompt injection because they were trained with data from people who were trying to hack them. Google is also using machine learning to block bad prompts in emails, attachments, and calendar invites. Its classifiers can find harmful instructions and ignore them, which stops AI from doing things that are dangerous. Google asserted that it is "rolling out proprietary machine learning models that can detect malicious prompts and instructions within various formats, such as emails and files." Gmail's built-in protections also keep out more than 99.9% of spam, phishing attempts, and malware, as per a report by Forbes. User settings are still an important layer of protection, even though AI defenses are getting better. Google says that you should turn on the "known senders" setting in Calendar so that invites from people you don't know don't show up automatically. "We've found this to be a particularly effective approach to helping users prevent malicious or spam events appearing on their calendar grid. The specific calendar invite would not have landed automatically unless the user has had prior interactions with the bad actor or changed the default settings." This step greatly lowers the chance of prompt injection attacks happening through bad events. Experts also stress that you should be careful when using AI helpers. Even strong tools like ChatGPT can be used to get sensitive information if attackers get hold of an email address, as researcher Eito Miyamura showed. The Gmail AI hack is a reminder of how weak new technology can be. As AI becomes more common in everyday tools, bad people are quick to take advantage of it, as per a report by Forbes. Google's layered defenses and users being careful will be important for staying ahead of this growing cyber threat. What does the Gmail AI hack do? It tricks AI assistants into leaking private emails by sending them bad calendar invites. What should people who use Gmail do first? To stop getting unwanted invites, turn on the "known senders" setting in Google Calendar.