AI is an impressive tool, and companies like Google and OpenAI continue to improve and expand upon what their models can do. At the same time, generative AI chatbots are also becoming bigger targets for bad actors, and now security researchers have found a way to hack someone's Google Calendar using text hidden inside of high-resolution images.

Security researchers from The Trail of Bits Blog claim that they were able to harness the image scaling systems that AI like Gemini uses to process images added to its prompts. This allowed the group to send a set of hidden instructions to the AI, which was then able to retrieve information from a Google Calendar account and email it to themselves — all without alerting the user.

Image scaling attacks like this used to be more common, and the researchers note that they "were used for model backdoors, evasion, and poisoning primarily against older computer vision systems that enforced a fixed image size." This attack has become less common, but it seems a similar approach can be taken to send hidden instructions to a large language model like Google's Gemini, which raises concerns over AI safety as Gemini and other AI move into our homes and AI potentially advances beyond our comprehension.