The recent discovery of the Gemini Trifecta vulnerabilities by Tenable underscores a growing reality: AI tools can be both the target and the vehicle of cyberattacks. Google’s Gemini AI assistant suffered three now-remediated issues that allowed prompt injection, search history manipulation, and data exfiltration through its browsing tool.  

These incidents are a reminder that as organizations embrace AI, every input becomes a potential infiltration point and every output becomes a possible exfiltration vector. Attackers can leverage AI-generated actions to steal sensitive data, move laterally in your environment, or bypass traditional security measures.  

How ThreatSTOP Keeps You Proactively Protected

At ThreatSTOP, we believe that visibility and control over AI and cloud traffic are essential. Our Protective DNS solutions, DNS Defense Cloud and DNS Defense provide the proactive protections needed to disrupt these AI-enabled attack chains before they cause damage.

  1. Block Command-and-Control (C2) Traffic  
    • Prompt-injection attacks often lead to outbound data exfiltration. ThreatSTOP Protective DNS automatically prevents connections to known malicious domains, stopping Gemini-like attacks from “calling home.”
  2. Stop Malicious Browsing and Data Exfiltration  
    • The Gemini Browsing Tool vulnerability relied on fetching malicious URLs. With ThreatSTOP IP Defense, you can block risky IP destinations across firewalls, routers, and cloud environments, eliminating exfiltration paths.
  3. Neutralize Indirect Prompt Injection Sources  
    • Attacks like log or search history poisoning often require the victim to touch a malicious domain first. ThreatSTOP’s real-time threat intelligence blocks these domains, removing the attacker’s first foothold.

Partnering with GlassWing.ai for AI Usage Control

Our strategic partnership with GlassWing.ai allows ThreatSTOP customers to monitor and control AI interactions inside their environments. By combining network-level policy enforcement with AI-usage visibility, you gain:

  • Insight into which AI tools are being used  
  • The ability to block or quarantine suspicious AI sessions  
  • Policy-driven control to prevent sensitive data from leaving your environment  

Together, ThreatSTOP and GlassWing.ai empower organizations to embrace AI safely while disconnecting from risk.

Proactive Security for a New Era

The Gemini Trifecta highlights that AI-powered attacks are no longer hypothetical. With ThreatSTOP’s Protective DNS and IP Defense, combined with GlassWing.ai’s AI governance, your organization can prevent infiltration, stop exfiltration, and stay ahead of emerging threats.

For those interested in joining the ThreatSTOP family, or to learn more about our proactive protections for all environments, we invite you to visit our product page. Discover how our solutions can make a significant difference in your digital security landscape. We have pricing for all sizes of customers! Get started with a Demo today!  Contact us for more about our GlassWing.ai partnership.

MITRE ATT&CK Mapping

 

MITRE ATT&CK Tactic

Example Technique

How ThreatSTOP Helps

Initial Access

T1566 – Phishing / T1189 – Drive-by Compromise

Blocks malicious AI-linked domains via Protective DNS

Execution

T1059 – Command Execution via Prompt Injection

Reduces attacker success by denying communication with C2 IPs

Collection

T1530 – Data from Cloud Storage

Stops unauthorized data movement to malicious destinations

Exfiltration

T1041 – Exfiltration over C2 Channel

Blocks outgoing traffic to attacker-controlled IPs and domains

Command and Control

T1071 – Application Layer Protocol

Disrupts communication via domain and IP-based policy enforcement

 

Connect with Customers, Disconnect from Risks.