The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
Dark Reading

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

The indirect prompt injection vulnerability allows an attacker to weaponize Google invites to circumvent privacy controls and ...
Bleeping Computer

News in the Security category

Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords. Microsoft will soon add new ...
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 Security Flaws

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that attackers are actively exploiting.