Invoking Gemini Agents with a Google Calendar Invite

Name: Invoking Gemini Agents with a Google Calendar Invite
Description: A team of three researchers — Ben Nassi (Black Hat board member and Tel Aviv University faculty), Or Yair (security research team leader at SafeBreach), and Stav Cohen (Technion PhD student) — present

Ben Nassi, Or Yair, Stav Cohen

DEF CON 33 · Day 1 · Main Stage

A team of three researchers — Ben Nassi (Black Hat board member and Tel Aviv University faculty), Or Yair (security research team leader at SafeBreach), and Stav Cohen (Technion PhD student) — present

AI review

Nassi, Yair, and Cohen demonstrate a complete attack framework against Gemini for Workspace in which a single malicious Google Calendar invitation — invisible to the victim behind a 'Show More' UI pagination — can poison Gemini's context window and invoke agents to spam users, delete calendar events, control IoT devices, stream video via Zoom, geolocate the victim, and exfiltrate email contents. Seven distinct live attack chains demonstrated.

Watch on YouTube