logo

Malicious WhatsApp, Slack Alerts Could Have Exposed Millions of Android Users

ID: 68606b97-2615-5b17-a04a-8ee21be149e3

STIX ID: report--68606b97-2615-5b17-a04a-8ee21be149e3

Feed Name: TechRepublic Security

Threat Score
30/100

Date Published: 2026-06-04

Date Updated: 2026-06-04

Author: Kezia Jungco

...
...

SafeBreach researchers discovered a notification-based prompt-injection vulnerability in Google Gemini’s Android Utilities that could allow crafted notifications from messaging apps to manipulate how Gemini processes and speaks notification content (a technique called Fake Context Alignment). Google applied server-side content-classifier mitigations, there is no evidence of exploitation in the wild, and users can limit exposure by disabling Gemini Utilities or notification read/reply permissions.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.