Google Gemini Vulnerability Enables Data Exfiltration

On Dec. 9, 2025, Noma Security revealed a vulnerability in Google Gemini Enterprise, dubbed GeminiJack, that allows attackers to inject malicious prompts via embedded content such as Google Docs. When AI applications or agents execute the malicious prompt, the flaw can cause them to exfiltrate sensitive data. Organizations using Gemini Enterprise should evaluate prompt handling and embedded-content controls.
Key Points
- Identifies a vulnerability (GeminiJack) in Google Gemini Enterprise that enables indirect malicious prompt injection via embedded documents
- Shows that attackers can coerce AI agents to exfiltrate sensitive data, elevating supply-chain and document risks
- Recommends that security teams audit prompt handling, monitor agent outputs, and restrict embedded content sources
Scoring Rationale
High immediacy and credibility from the vendor disclosure, but the scope is currently limited to Gemini Enterprise documents.
Sources
Public references used for this report.
