&w=3840&q=100)
Gmail's Gemini-powered summaries may expose users to security risks: Report
Indian Express cites Marco Figueroa, GenAI Bug Bounty Programs Manager at Mozilla, stating that a security researcher uncovered a prompt injection flaw in Google Gemini for Workspace, which let attackers 'hide malicious instructions inside an email' that triggered when users clicked the 'Summarise this email' button in Gmail.
Attack through Gemini: How does this work
As per the report, hackers found a way to hide secret instructions in emails that trick Google's Gemini AI. They did this by placing hidden text at the end of the email using HTML and CSS, making the font size zero and the colour white so it could not be seen.
Because these emails do not contain attachments, they can easily pass through Google's spam filters and reach users' inboxes. When someone opens the email and clicks 'Summarise this email' using Gemini, the AI follows the hidden commands without knowing they are harmful.
Mozilla's Marco Figueroa explained how such prompt injections can be detected with:
Gemini can be updated to ignore or remove hidden text in emails.
Google can use a post-processing filter to scan Gemini's output for: Urgent messages, Phone numbers, Suspicious links.
These flagged elements can then be reviewed for potential threats.
Google has reportedly issued a statement to BleepingComputer, stating, 'We are constantly hardening our already robust defenses through red-teaming exercises that train our models to defend against these types of adversarial attack."
The company representative clarified to BleepingComputer that some of the mitigations are in the process of being implemented or are about to be deployed.
The report further states that Google has seen no evidence of incidents manipulating Gemini in the way demonstrated in Figueroa's report.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
40 minutes ago
- Time of India
Who is Varun Mohan? Indian-origin CEO of Windsurf faces backlash after quitting startup for Google, derailing $3B OpenAI deal
Varun Mohan, a rising star in Silicon Valley and co-founder of AI startup Windsurf, is under fire after abruptly quitting to join Google 's DeepMind, effectively tanking a $3 billion acquisition deal with OpenAI . The move triggered widespread criticism from investors, industry peers, and the public, with some branding Mohan a 'generational villain' for leaving his team behind during a crucial transition. While Windsurf was later rescued in a last-minute deal by Cognition, the controversy has cast a long shadow over Mohan's once-admired career. But who is the man at the center of this high-stakes tech saga? Varun Mohan: Windsurf Co-founder with Indian roots Varun Mohan was born and raised in Sunnyvale, California, to Indian immigrant parents. While the specific region in India remains undisclosed, his upbringing was defined by a blend of Indian cultural values and the American spirit of innovation. Encouraged to excel academically, Mohan showed an early aptitude for mathematics and computer science, regularly winning accolades in national Olympiads and competitions. Mohan's academic journey led him to the Massachusetts Institute of Technology (MIT), where he pursued a rare dual-degree program. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like This Could Be the Best Time to Trade Gold in 5 Years IC Markets Learn More Undo He completed a Bachelor of Science and a Master of Engineering in Electrical Engineering and Computer Science (EECS). He specialized in areas like operating systems, machine learning, distributed computing, and algorithms, laying the groundwork for his future in AI infrastructure and developer tools. During his time at MIT, Mohan built his technical foundation with internships at major tech firms and research institutions, including Quora, LinkedIn, Samsung, Cloudera, and UC Santa Cruz. After graduating, he joined the self-driving startup Nuro, where he quickly rose to the role of Lead Software Engineer. These experiences gave him hands-on exposure to complex AI systems and real-world applications of machine learning. Co-founding Windsurf: Building an AI-native IDE In 2021, Mohan co-founded Codeium, which was later rebranded as Windsurf, along with MIT classmate Douglas Chen. The company initially focused on GPU virtualization for deep learning but later pivoted to create Cascade, an AI-powered integrated development environment (IDE). The tool allowed developers to write, test, and refactor code with AI support, onboarding over a million users within just four months. Windsurf raised $243 million in funding and reached a $1.25 billion valuation, becoming one of the fastest-growing AI unicorns in the United States. Fallout from the Google move In 2025, OpenAI was reportedly in advanced talks to acquire Windsurf for $3 billion. But just as the deal neared completion, Mohan and Chen resigned and licensed Windsurf's technology to Google in a $2.4 billion agreement. Mohan then joined Google DeepMind, taking key team members with him. The sudden departure left Windsurf in crisis and eventually prompted a weekend-long rescue operation by AI firm Cognition. The move sparked outrage across the tech world. Backlash from investors and the public The fallout was swift and public. Venture capitalist Vinod Khosla criticized Mohan for abandoning his team, while Cognition CEO Scott Wu called the exit a betrayal of founder responsibility. On social media, users accused Mohan of prioritizing personal gain over team loyalty. One post read, 'Founders cashing out while the team's left behind isn't just bad form. It's long-term reputation damage.' Another user bluntly called him a 'generational villain. ' Despite the backlash, Mohan's contributions to AI-powered developer tools remain significant. He is widely regarded as a pioneer in agentic IDEs, which are tools that integrate AI into the entire coding process, and an influential figure in Silicon Valley's AI evolution. Now at Google DeepMind, he continues to shape the future of AI-driven software development, although under the shadow of one of the year's most controversial exits.
India Today
41 minutes ago
- India Today
Pixel 10 leaked renders hint at bold new colours for Google's next flagship
Google's next flagship smartphone — the Pixel 10 — is coming soon, and if the latest leaks are accurate, we're in for a mix of small surprises. While the overall look of the phone doesn't seem to have changed much, Google is shaking things up in two areas: colours and cameras. As per a report by Android Headlines, Google is expected to drop three of the Pixel 9 shades this year and bring in a few bold, bright new ones. There's also a new camera setup on the back, with a third lens now showing up on the base Pixel model — something we haven't seen talk colours first. The Pixel 9 came in Peony, Wintergreen, Porcelain, and Obsidian. According to the leak, the Pixel 10 will only keep Obsidian. Peony, Wintergreen, and even Porcelain — a staple shade in Google's smartphone lineup for years — are likely being replaced. In their place, we'll get three fresh options: Indigo, Frost, and Limoncello. Frost is a soft, muted blue, quite similar to the iPhone 15's blue shade from a couple of years ago. Indigo brings back memories of the original Google Pixel, which also came in blue. It has a deep, rich look that makes the phone stand out. And Limoncello? It's almost like a parrot green — more like the Pixel 7's green than the Pixel 9's a change in the camera deco too. While the size of the camera bar is about the same, the glass covering it is bigger. That's because Google is finally adding a third lens — a telephoto camera — to the regular Pixel 10. Until now, a dedicated telephoto lens has only been available on the Pro models. It's worth noting that all the sensors in the Pixel 10 will be smaller this year, possibly to make the Pro models stand out more. The primary sensor is a 48-megapixel paired with a 12-megapixel ultra-wide and a 10.8-megapixel telephoto sensor — borrowed from the Pixel 9a and 9 Pro Fold. The Pixel 10 is expected to be announced on August 20, with pre-orders opening the same day. Shipping is likely to start on August the Pixel 10, Google is also expected to unveil three more devices — including the Pixel 10 Pro, 10 Pro XL, and 10 Pro Fold. The Pixel Watch 4 is also expected, with reports suggesting it may come in two sizes this time. Powered by Android 16, we might also see deeper AI features, updated widgets, and more visual tweaks thanks to Material 3 Expressive. Google might also show off new charging accessories and the budget-friendly Pixel Buds 2a.- Ends
Time of India
an hour ago
- Time of India
Crypto custody startup BitGo confidentially files for US IPO
Academy Empower your mind, elevate your skills BitGo, a provider of trust and security services for digital assets , said on Monday it has confidentially filed for a U.S. listing, as crypto firms race to capitalise on renewed market high-profile companies, including those in riskier sectors like crypto and fintech, have launched successful listings in recent weeks, signaling pent-up demand and a rebound in capital markets announcement follows the crypto sector's market value hitting $4 trillion last week, driven by a wave of corporate treasury adoption, regulatory clarity in key markets, and rising institutional week, US President Donald Trump signed a law to create a regulatory regime for dollar-pegged cryptocurrencies called stablecoins, potentially allowing the digital assets to become an everyday way to make payments and move the world's largest and best-known cryptocurrency, recently breached the $120,000 mark. It is up 26% so far in 2025, while ether, the second-largest, has gained about 14%.The sector's rapid ascent has opened the floodgates for IPO filings. Crypto-focused asset manager Grayscale and Gemini, the digital assets exchange founded by Tyler and Cameron Winklevoss, have also confidentially filed to go public in recent number of shares to be offered and the price range for the proposed initial public offering have not yet been determined, BitGo Palo Alto, California-based company had raised $100 million at a $1.75 billion valuation in August in 2013, BitGo is one of the largest crypto custody firms based in the U.S. These companies store and protect digital assets on behalf of clients, a role that has become increasingly important as institutional interest in crypto like BitGo have become key players by offering secure storage, helping clients meet regulatory requirements, and safeguarding assets against theft or loss.
