WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger can hijack Google Gemini on Android and make it open windows, fake messages, or launch Zoom. The attack works by treating notification text as instructions without needing malicious apps. SafeBreach's Or Yair found that Gemini's Utilities feature reads and acts on notifications as if they were user commands. The vulnerability allows faking messages from named contacts and triggering real tools like apps or windows.