# Google Gemini Voice Assistant Vulnerability Exposed and Patched

*Published June 5, 2026*
*Source: [https://www.securityweek.com/gemini-voice-assistant-hijacked-via-messaging-notifications/](https://www.securityweek.com/gemini-voice-assistant-hijacked-via-messaging-notifications/)*

## Executive Summary

SafeBreach discovered a critical vulnerability in Google's Gemini voice assistant that allowed attackers to exploit messaging notifications to execute harmful actions. After disclosure in August 2025, Google patched the flaw in November, but the incident underscores the need for stronger defenses against AI context manipulation.

## Article

Recent research by SafeBreach has uncovered a significant vulnerability in Google's Gemini voice assistant that allowed cyber attackers to use indirect prompt injections via messaging notifications. This vulnerability, named Fake Context Alignment, enabled malicious actors to manipulate Gemini's response context through notifications from popular apps like WhatsApp, Slack, and SMS. These messages could inject harmful instructions without users realizing, bypassing Google's security measures. SafeBreach's findings included the ability to embed hidden commands in foreign languages or muted hyperlinks, which Gemini processed without vocalizing them. This posed a particular danger in hands-free situations, such as when driving, where voice interaction is crucial. The potential actions attackers could trigger were serious, ranging from controlling smart home devices to crafting fraudulent messages appearing to come from trusted contacts. The vulnerability was disclosed to Google in August 2025 and patched in November 2025 with improvements in content classification. SafeBreach shared these details to highlight ongoing risks associated with prompt injection attacks and to encourage more robust defenses against context manipulation. The organization stressed the need for vendors to rethink AI systems' trust and context parsing capabilities to enhance user safety, urging a move beyond localized mitigations. Videos demonstrating the vulnerability in action on platforms like Zoom and Google Home have been released by SafeBreach.