Hackers Win Big at Google's bugSWAT: 579MB Binary Leaks Internal Source Code
2025-03-28
In 2024, a security research team once again won the MVH award at Google's LLM bugSWAT event. They discovered and exploited a vulnerability in Gemini allowing access to a sandbox containing a 579MB binary file. This binary held internal Google3 source code and internal protobuf files used to communicate with Google services like Google Flights. By cleverly utilizing sandbox features, they extracted and analyzed the binary, revealing sensitive internal information. This discovery highlights the importance of thorough security testing for cutting-edge AI systems.
AI
Bug Bounty