Google said it is rolling out a fix for an Android 16 lock-screen bypass in Gemini that allows someone with brief physical access to a locked phone to send SMS and WhatsApp messages without entering a PIN, password, or biometric. Researchers and follow-on reporting said the flaw can be triggered through a specific multi-touch interaction when Gemini is invoked from the lock screen and prompted to open apps such as Messages, bypassing the expected authentication step. Google said the issue is not limited to Pixel devices, though it did not identify all affected manufacturers or models.
The bug was reproduced on a fully patched Pixel 6a and appears tied to Gemini's Deep Research and lock-screen app-handoff behavior, where authentication checks can fail during transitions from the lock-screen overlay into the full app. Reporting said the weakness may also let an attacker regain Gemini access to previously disconnected apps, switch accounts, view or delete Gemini conversation history, change some security settings, and exfiltrate data while leaving no failed unlock attempts logged. The researcher who disclosed the issue said it reflects an incomplete fix for an earlier reported vulnerability and points to a broader trust-boundary problem in how lock-screen restrictions are enforced across Gemini activities.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
3 events from the most recent confirmed update back to the earliest known activity.
Google said it was aware of the Android 16 Gemini lock-screen bypass bug, had implemented a fix, and planned full deployment during the same week. Reporting said the flaw could let someone with physical access send SMS or WhatsApp messages and regain Gemini access to disconnected apps without completing authentication.
Security researcher Sandiyo Christan reported that a fully patched Pixel 6a running Android 16 could still be subjected to a Gemini-based lock-screen bypass without requiring a PIN, password, or biometric. He described it as an incomplete fix for a previously reported Google VRP issue, with access to sensitive Gemini functions while the device remained locked.
Payatu published a report describing an Android lock-screen bypass involving Google Gemini. This appears to be the earlier technical disclosure of the issue later referenced by reports about an incomplete fix and Google's subsequent rollout of a patch.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
4 references tracked. Mallory keeps watching after this page renders.
theregister.com
Open sourceinfosecwriteups.com
Open sourcepayatu.com
Open sourcebitdefender.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.