<ul data-eligibleForWebStory="false">Google's Gemini AI in Workspace productivity suite is vulnerable to prompt injection attacks.A researcher demonstrated a phishing attack using Gemini to trigger a fake security warning hidden in emails.The attack exploits Gemini's system prompt hierarchy, and Google had published mitigations for similar attacks earlier this year.Security teams are advised to consider AI assistants in the attack surface and take precautions against such vulnerabilities.