WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

SafeBreach researcher Or Yair demonstrated that Gemini's Android Utilities (notification read/reply) could be abused via poisoned notifications to perform privileged actions, spoof spoken messages, control smart-home devices, force app/URL launches (including joining Zoom), and persist attacker-chosen facts in account-level memory; Google deployed server-side content-classifier fixes and the only user mitigations are disabling Gemini's notification access or the Google app's notification control permission.