GeminiJack: The Google Gemini Zero-Click Vulnerability Leaked Gmail, Calendar and Docs Data

noma.security/blog/gemi…

Noma Labs recently discovered a vulnerability, now known as GeminiJack, inside Google Gemini Enterprise and previously in Vertex AI Search. The vulnerability allowed attackers to access and exfiltrate corporate data using a method as simple as a shared Google Doc, a calendar invitation, or an email. No clicks were required from the targeted employee. No warning signs appeared. And no traditional security tools were triggered.

This was not a conventional software bug. It was an architectural weakness in the way enterprise AI systems interpret information. Google collaborated directly with Noma Labs to validate the findings and deployed updates that changed how Gemini Enterprise and Vertex AI Search interact with their underlying retrieval and indexing systems.

GeminiJack highlights an important reality. As organizations adopt AI tools that can read across Gmail, Docs, and Calendar, the AI itself becomes a new access layer. If an attacker can influence what AI reads, they can influence what AI does.

This type of attack will not be the last one of its kind. It reflects a growing class of AI-native vulnerabilities that organizations must prepare for now.

Edward Kiledjian @ekiledjian