Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Gemini CLI bug let hackers run hidden code via README files

Google’s Gemini CLI had a flaw that let attackers run hidden commands by exploiting trusted ones.

byAytun Çelebi
July 30, 2025
in Cybersecurity, News

Google’s Gemini CLI tool, launched on June 25, 2025, was found to contain a security flaw shortly after its release. Cybersecurity researchers at Tracebit discovered the vulnerability, which could have allowed threat actors to target developers with malware and exfiltrate data without their knowledge. Google has since released version 0.1.14 to address the issue.

The security flaw stemmed from Gemini CLI’s ability to automatically execute commands from a pre-approved allow-list. Tracebit researchers found that malicious instructions could be hidden within files such as README.md, which Gemini CLI reads. This allowed attackers to pair malicious commands with trusted ones.

In a test conducted by Tracebit, a seemingly harmless command was combined with a malicious command that exfiltrated sensitive information, including system variables and credentials, to an external server. Because Gemini CLI recognized the trusted command, it didn’t alert the user or request permission before executing the paired malicious command. Tracebit indicated that the malicious command could be concealed using specific formatting techniques, making it difficult for users to detect.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.


Shuyal malware is stealing data from 19 different browsers


“The malicious command could be anything (installing a remote shell, deleting files, etc),” the researchers explained, highlighting the potential severity of the vulnerability. While exploiting the flaw required some initial setup, including the presence of a trusted command on the allow-list, it presented a significant risk to developers using the tool.

Google addressed this vulnerability with the release of Gemini CLI version 0.1.14. Users are strongly advised to update to this version, or a newer one, as soon as possible. It is also recommended to exercise caution when running Gemini CLI on unfamiliar or untrusted code, unless operating within a sandboxed or secure testing environment, to avoid potential exploitation of this or other vulnerabilities.


Featured image credit

Tags: gemini

Related Posts

Microsoft’s biggest-ever Patch Tuesday fixes 175 bugs

Microsoft’s biggest-ever Patch Tuesday fixes 175 bugs

October 15, 2025
Jensen Huang says every Nvidia engineer now codes with Cursor

Jensen Huang says every Nvidia engineer now codes with Cursor

October 15, 2025
Apple unveils new iPad Pro with the M5 chip

Apple unveils new iPad Pro with the M5 chip

October 15, 2025
Apple Vision Pro gets M5 chip upgrade and PS VR2 controller support

Apple Vision Pro gets M5 chip upgrade and PS VR2 controller support

October 15, 2025
Attackers used AI prompts to silently exfiltrate code from GitHub repositories

Attackers used AI prompts to silently exfiltrate code from GitHub repositories

October 15, 2025
Android 16 now shows which apps sneak in your security settings

Android 16 now shows which apps sneak in your security settings

October 15, 2025

LATEST NEWS

Microsoft’s biggest-ever Patch Tuesday fixes 175 bugs

Jensen Huang says every Nvidia engineer now codes with Cursor

Apple unveils new iPad Pro with the M5 chip

Apple Vision Pro gets M5 chip upgrade and PS VR2 controller support

Attackers used AI prompts to silently exfiltrate code from GitHub repositories

Android 16 now shows which apps sneak in your security settings

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.