Advertisement
Researchers Use Hidden Calendar Invites to Hijack AI
Once they're in, a hacker can use Gemini to start Zoom calls, send spam, read browser content, and delete calendar events.
Menu
Front Page Breaking News Comments Flagged Comments Recently Flagged User Blogs Write a Blog Entry Create a Poll Edit Account Weekly Digest Stats Page RSS Feed Back Page
Subscriptions
Read the Retort using RSS.
RSS Feed
Author Info
lamplighter
Joined 2013/04/13Visited 2025/08/10
Status: user
MORE STORIES
Fight over a school board member's Instagram 'likes' (1 comments) ...
Online Extremist Networks Grooming Teens Exposed (2 comments) ...
Researchers Use Hidden Calendar Invites to Hijack AI (1 comments) ...
Why CT hospitals are giving orange bracelets to new moms (9 comments) ...
Things Aren’t Going Donald Trump’s Way (3 comments) ...
Alternate links: Google News | Twitter
Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.
More from the article ...
... New research demonstrates how generative AI models like Google's Gemini can be manipulated to control real-world devices. The attack, developed by Ben Nassi from Tel Aviv University, Stav Cohen from Technion, and Or Yair from SafeBreach, uses a technique known as indirect prompt injection. The attack involves placing hidden commands inside calendar invites. When a user asks Gemini to summarize scheduled events, it processes the prompts without realizing they could be harmful. This triggers actions like opening smart window shutters, switching off lights, or activating a boiler. The AI isn't given these commands directly; the prompts are hidden in events it pulls context from. The devices can also be triggered when users say common words like "thanks" in response to the AI, according to Wired. Fourteen different attacks were developed as part of the research, named "Invitation Is All You Need." Other methods are: using Gemini to start Zoom calls, send spam, read browser content, and delete calendar events. In one case, Gemini read abusive messages drawn from a prompt injection designed to shock the user. ...
The attack involves placing hidden commands inside calendar invites. When a user asks Gemini to summarize scheduled events, it processes the prompts without realizing they could be harmful. This triggers actions like opening smart window shutters, switching off lights, or activating a boiler.
The AI isn't given these commands directly; the prompts are hidden in events it pulls context from. The devices can also be triggered when users say common words like "thanks" in response to the AI, according to Wired.
Fourteen different attacks were developed as part of the research, named "Invitation Is All You Need." Other methods are: using Gemini to start Zoom calls, send spam, read browser content, and delete calendar events. In one case, Gemini read abusive messages drawn from a prompt injection designed to shock the user. ...
#1 | Posted by LampLighter at 2025-08-10 12:02 AM | Reply
Post a comment The following HTML tags are allowed in comments: a href, b, i, p, br, ul, ol, li and blockquote. Others will be stripped out. Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed. Anyone can join this site and make comments. To post this comment, you must sign it with your Drudge Retort username. If you can't remember your username or password, use the lost password form to request it. Username: Password: Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy
The following HTML tags are allowed in comments: a href, b, i, p, br, ul, ol, li and blockquote. Others will be stripped out. Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.
Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy
