Security researchers at Tenable revealed three distinct vulnerabilities across Gemini’s cloud assist, search optimization, and browsing components. If exploited, these flaws allow attackers to inject prompts, hijack AI logic, and quietly siphon private user data, even bypassing many of Google’s built-in safeguards. Together, the flaws have been dubbed “Gemini Trifecta.” Itay Ravia, head of Aim Labs, the cybersecurity outfit that first documented a similar EchoLeak zero-click attack on...
