SignalX.ai A.I CyberSecurity Scoring
SignalX.ai
Company Information
Website:https://signalx.ai
Employees number:42
Number of followers:14,169
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:signalx.ai
SignalX.ai Risk Score (AI oriented)
Between 700 and 749
SignalX.aiIT Services and IT Consulting
Updated:
03/06/2026
03/06/2026
737/1000
Moderate
Ba
SignalX.ai Global Score (TPRM)
xxxx
SignalX.aiIT Services and IT Consulting
Score locked

SignalX.aiModerate
Current Score
737Ba (MODERATE)
01000
1 incidents
-18 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
738
JUNE 2026
737
MAY 2026
737
APRIL 2026
737
MARCH 2026
736
FEBRUARY 2026
736
JANUARY 2026
735
DECEMBER 2025
735
NOVEMBER 2025
734
OCTOBER 2025
734
SEPTEMBER 2025
733
AUGUST 2025
750
Cyber Attack
17 Aug 2025 • SignalX.ai
Instagram, Google, Signal and Google Home: New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS
New Indirect Prompt Injection Attacks Hijack Google Gemini via Messaging Apps
732
HIGH-18
METSIGGOO1780511120
New Indirect Prompt Injection Attacks Hijack Google Gemini via Messaging Apps
Researchers at SafeBreach, led by Security Research Team Lead Or Yair, have uncovered a novel class of indirect prompt injection (IPI) attacks targeting Google Gemini’s voice assistant, enabling silent hijacking through malicious payloads delivered via everyday messaging platforms including WhatsApp, Slack, Signal, SMS, Instagram, and Messenger.
The exploit leverages Gemini’s Android Utilities agent, which processes incoming notifications from third-party apps. Attackers embed malicious instructions in crafted messages, which Gemini then incorporates into its conversational context without user awareness. This allows for context poisoning, where the AI can be manipulated to deliver phishing lures (e.g., fake error messages prompting clicks) or execute unauthorized actions.
To bypass Google’s security measures including patches for chained tool invocations and Delayed Tool Invocation SafeBreach developed Fake Context Alignment, a technique that deceives both Gemini’s backend and the user. Two variants were demonstrated:
- Obfuscated Fake Context Alignment: A malicious question in a foreign language (e.g., Chinese) is followed by a benign English prompt. The user’s "Yes" response to the English question unknowingly authorizes the hidden instruction.
- Muted Fake Context Alignment: A malicious question is embedded as clickable link text, skipped by Gemini’s text-to-speech engine, while the user hears only a harmless voice prompt.
Combining these methods into an "Ultimate Combo" payload reliably bypassed Google’s defenses, enabling high-severity exploits. Researchers demonstrated remote control of smart home devices (e.g., windows, boilers, lighting via Google Home), covert video streaming (forcing Zoom to stream a victim’s camera via a 301 redirect from a trusted domain), and large-scale social engineering (fabricating messages from trusted contacts using extracted sender names).
Additional risks include persistent memory poisoning, where false data is injected into Gemini’s long-term memory across a victim’s Google Workspace, and scheduled surveillance, where recurring tasks automatically read recent messages.
SafeBreach disclosed the findings to Google’s Vulnerability Reward Program on August 17, 2025. Google confirmed on November 14, 2025, that updated content classifier improvements had mitigated the indirect prompt injection and Delayed Tool Invocation vulnerabilities.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for SignalX.ai ??
What was SignalX.ai's A.I Rankiteo Cyber Score in June 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in May 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in April 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in March 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in February 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in January 2026 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in December 2025 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in November 2025 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in October 2025 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in September 2025 ??
What was SignalX.ai's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on SignalX.ai's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with SignalX.ai ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view SignalX.ai's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?