Google Antigravity prompt-injection fix
Security Patch Release
Summary
Hide ▲
Show ▼
Google fixed Antigravity's prompt injection flaw in February, closing a path that could lead to sandbox escape and remote code execution (RCE). The patch followed a January report from researchers and addressed a weakness that bypassed the product's Secure Mode protections. The flaw mattered because it let a benign-looking prompt turn into a full compromise chain through the IDE's native tool execution flow.
Related Happenings
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation Wave
First: 11.05.2026 18:45
Last: 11.05.2026 18:45
Sources 1
About this happening:
Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation WaveAbout this happening: Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Google Gemini CLI workspace-trust hardening update
Security Patch Release
First: 30.04.2026 10:07
Last: 30.04.2026 10:07
Sources 1
About this happening:
Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google Gemini CLI workspace-trust hardening update
Security Patch ReleaseAbout this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google security patch release for CVE-2026-5858
Security Patch Release
First: 10.04.2026 13:44
Last: 10.04.2026 13:44
Sources 1
About this happening:
**Google** released the first stable **Chrome 147** build, closing **60 vulnerabilities** and raising the browser’s baseline security ahead of broader deployment. The patch bundle...
Google security patch release for CVE-2026-5858
Security Patch ReleaseAbout this happening: **Google** released the first stable **Chrome 147** build, closing **60 vulnerabilities** and raising the browser’s baseline security ahead of broader deployment. The patch bundle...
Claude Code deny-rule bypass fix (version 2.1.90)
Security Patch Release
First: 08.04.2026 12:16
Last: 08.04.2026 12:16
Sources 1
About this happening:
**Anthropic** released **Claude Code version 2.1.90** last week to fix a command-parsing flaw that could let **user-configured deny rules** silently stop applying when a command e...
Claude Code deny-rule bypass fix (version 2.1.90)
Security Patch ReleaseAbout this happening: **Anthropic** released **Claude Code version 2.1.90** last week to fix a command-parsing flaw that could let **user-configured deny rules** silently stop applying when a command e...
Google security patch release for CVE-2026-21385
Security Patch Release
First: 03.03.2026 10:19
Last: 03.03.2026 10:19
Sources 1
About this happening:
Google released **Android** security updates covering **129 vulnerabilities**, including an **actively exploited zero-day** in a **Qualcomm display component**, creating urgent ri...
Google security patch release for CVE-2026-21385
Security Patch ReleaseAbout this happening: Google released **Android** security updates covering **129 vulnerabilities**, including an **actively exploited zero-day** in a **Qualcomm display component**, creating urgent ri...
Timeline
-
21.04.2026 13:52 2 articles · 1mo ago
Google Antigravity prompt-injection fix
Initial DisclosureAfter a **January** report, **Google** fixed the **Antigravity** prompt-injection issue in **February** before the flaw could remain exposed in the shipped product. The patch addressed a weakness that had enabled **sandbox escape** and **RCE** through the IDE's tool flow.
Show sources
- Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool — www.darkreading.com — 21.04.2026 13:52
- Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool — www.darkreading.com — 21.04.2026 13:52