Google: No fixes slated for Gemini ASCII smuggling attack

BleepingComputer reports that Google has opted to leave a newly discovered ASCII smuggling attack in its Gemini artificial intelligence chatbot unfixed, noting that the issue could only be abused in social engineering intrusions. Such dismissal from Google comes after Gemini, Grok, and DeepSeek were found by FireTail security researcher Viktor Markopoulos to be susceptible to ASCII smuggling, which could facilitate fake data generation, model behavior changes, and data poisoning via Calendar invites or emails, X posts, and prompts, respectively. While other widely used large language models, such as ChatGPT, Microsoft Copilot, and Claude, were not affected by the intrusion, Gemini's comprehensive Google Workspace integration has significantly increased the risk of compromise through concealed text within Calendar invites and emails. "For users with LLMs connected to their inboxes, a simple email with hidden commands can instruct the LLM to search the inbox for sensitive items or send contact details, turning a standard phishing attempt into an autonomous data extraction tool," said Markoupolos.