The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
CSO Online

Google Gemini flaw exposes new AI prompt injection risks for enterprises

A calendar-based prompt injection technique exposes how generative AI systems can be manipulated through trusted enterprise ...

Indirect prompt injection in Google Gemini enabled unauthorized access to meeting data

Miggo’s researchers describe the methodology as a form of indirect prompt injection leading to an authorization bypass. The ...

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.