By Thomas Brewster
Publication Date: 2025-11-26 11:30:00
A security researcher discovered a nasty flaw in Google’s Antigravity tool, the latest example of companies rushing to market AI tools that are vulnerable to hacking.
WWithin 24 hours When Google released its Gemini-based AI coding tool Antigravity, security researcher Aaron Portnoy discovered what he said was a serious security flaw: a trick that allowed him to manipulate the AI’s rules to potentially install malware on a user’s computer.
By changing Antigravity’s configuration settings, Portnoy’s malicious source code created a so-called “backdoor” into the user’s system into which he could inject code to, for example, spy on victims or execute ransomware, he said Forbes. The attack worked on both Windows and Mac PCs. To carry out the hack, all he had to do was convince an Antigravity user to run his code once after clicking a button that said his rogue code was “trustworthy” (this is something hackers often achieve through social engineering, such as pretending to be a competent, benevolent…
