News
Android’s Lock Screen Keeps Falling to New Gemini Bypasses
A two-tap trick lets a stranger text or WhatsApp from a locked Android phone via Gemini, the fifth such lock screen bypass reported since 2025.
Google is racing out a fix for a Gemini bug that lets anyone bypass an Android phone’s lock screen PIN with two simultaneous taps. Press “Continue” and the assistant’s “Add attachment” button at the same instant, and Gemini will send a text message or a WhatsApp chat straight from the lock screen. No code, no fingerprint, no owner required.
It is at least the fifth Gemini lock screen bypass to surface in public security write-ups since September 2025. Each one closed a single door. Researchers kept finding another.
Two Taps, No PIN
The bug lives inside Gemini’s lock screen mode, the feature that lets an Android owner get help without unlocking the phone first. Owners can also block Gemini from touching specific apps, like Messages or WhatsApp, from inside Settings. That block is supposed to hold even from the lock screen.
It does not. The Register, the security news outlet that first reported the flaw, said on July 17 that pressing “Continue” at the same moment as Gemini’s “Add attachment” button lets an unauthenticated user send an SMS with no PIN at all.
From there the trick gets worse. Typing “@WhatsApp” into the Gemini text box silently reconnects an app the owner had deliberately cut off, again without a PIN. Unlock the phone afterward and check Settings, and WhatsApp shows up connected to Gemini as if nothing happened.
A Google spokesperson confirmed the bug is real. The company said a fix was already built and due to ship within the week, though it did not say whether every device would get it at once. Google added that the bug is not limited to Pixel phones, but stopped short of naming which manufacturers or Android builds are exposed.
What we know:
- Google has confirmed the bug and says a patch is ready to ship this week.
- The exploit needs physical possession of the locked phone itself; it cannot be triggered remotely.
- It works even after an owner has explicitly revoked Gemini’s access to an app in Settings.
What’s unconfirmed:
- Which phone makers or Android builds, beyond “not just Pixel,” are actually exposed.
- Whether Samsung devices are truly immune, since some users say they could not reproduce it there.
- No CVE tracking number has appeared in public reporting on this specific bypass so far.
Until the patch lands, a few concrete steps can close the hole today.
- Open Gemini’s settings and turn off “Use Gemini without unlocking” entirely if the convenience is not worth it.
- Keep Gemini reachable from the lock screen but disable “Make calls and send messages without unlocking” specifically.
- Once the update arrives, check for a system update notification and install it right away.
- After lending a phone to anyone, reopen Gemini’s connected apps list to confirm nothing new attached itself.
A Pattern Stretching Back to September
The Register described the new bug as distinct from a run of similar Gemini lock screen issues that have surfaced since September 2025. A review of public vulnerability write-ups shows this is at least the fifth documented instance.
| Disclosed | Researcher or Outlet | Entry Point | Status |
|---|---|---|---|
| September 2025 | Sandiyo Christan, via Google’s bug bounty program | Original Gemini lock screen flow | Patched and publicly disclosed |
| January 2026 | Researchers at Payatu | Bixby and keyboard toggle race condition | Patched, reward paid |
| May 2026 | Sandiyo Christan | Gemini’s Deep Research feature | Unresolved at time of publication |
| Early July 2026 | Mustafa Salih Berk | Multi touch gesture on Gemini’s UI | Fully patched |
| July 17, 2026 | The Register | Simultaneous “Continue” and “Add attachment” taps | Fix due within the week |
Christan, a security researcher, first reported a Gemini lock screen flaw in 2024 that Google fixed and disclosed in September 2025. Eight months later, on a fully patched Pixel 6a, Christan found a way to escape the lock screen in under 60 seconds through Gemini’s Deep Research feature instead.
A separate write-up from the cybersecurity firm Payatu described a race condition between Bixby and the keyboard toggle that also worked directly through Gemini on non-Samsung phones, reproduced on a Galaxy S23 FE and a Pixel 7 Pro running Android 13 through 15.
A third write-up, published in early July by a separate researcher, documented a multi touch gesture that unlocked Gemini’s chat history and settings menu without ever entering a PIN.
Why One Patch Never Closes the Door
Every one of these bugs lives at the same seam: the moment Gemini’s lock screen overlay hands control to the full app, or to a connected service like Messages or WhatsApp. Security researchers classify this general flaw type as its own catalogued mobile attack technique, separate from guessing a PIN or spoofing a fingerprint.
One researcher who found two of the five bypasses on this list summed up the underlying problem in a write-up published in May.
Lock screen security is one promise an OS makes that users never think to question. When AI assistants start opening doors inside that boundary, the attack surface grows in ways that are hard to enumerate.
Sandiyo Christan, the researcher behind that write-up, argued the fix cannot be another patch aimed at one button or gesture. It needs a single system level check that cannot be raced, enforced on every path out of the lock screen overlay.
Who Is Actually at Risk From This Bug?
Anyone who hands a locked phone to someone they should not trust, or has it stolen off a table, is exposed. Remote attackers cannot use this flaw at all, since it needs the device physically in hand, which is also why security writers have been reluctant to call it a five alarm crisis even as it keeps resurfacing.
The Register made a similar point, comparing it to a Windows bug that only works with a keyboard plugged into the machine. In that scenario, the outlet wrote, “the owner of said machine has bigger problems than the vulnerability itself.”
But physical access is not rare. Phones get left on desks, borrowed by friends, or lifted from a bag on a train. That same researcher, Mustafa Salih Berk, found his multi touch gesture went further than sending messages: it could also expose Gmail drafts and NotebookLM data, letting an attacker create documents or delete files without the owner ever unlocking the phone.
The stakes run highest for people who never chose to hand over their phone at all, including partners in abusive relationships or anyone whose device is simply grabbed. A locked phone that can still send messages as its owner becomes a tool for impersonation, not just inconvenience.
Android is not alone in facing this kind of hunting. Corners of the internet already comb through iOS for its own lock screen weak points, sometimes for reasons more serious than a rogue text, like unlocking and reselling stolen iPhones. Apple’s own assistant is heading toward deeper Gemini ties too, as Siri’s overhaul in iOS 27 folds in a Gemini partnership, a preview of the same lock screen tension arriving on iPhones next.
Regulators Want Gemini’s Doors Open Even Wider
The bypass surfaces at an awkward moment for Google’s push to make Gemini the default layer sitting over Android. European regulators recently ordered Google to open Gemini’s Android access to rival assistants like ChatGPT and Claude, a decision aimed at competition rather than security.
Every assistant that gets the same lock screen level privileges Gemini already has inherits the same design question: how much should an AI agent be allowed to do before its owner proves who they are. Google has not answered that question cleanly for its own assistant, five bypasses into the attempt.
For now, the only confirmed timeline is Google’s own. A spokesperson told The Register the patch was built and scheduled to ship within the week of July 17. Whether it reaches every affected phone by then, across manufacturers Google still has not named, is the question the company left standing.
Frequently Asked Questions
Does this bug work even if I never gave Gemini lock screen access?
No. The bypass only works if the owner already turned on Gemini’s ability to act from the lock screen in the first place. Phones with that feature left off are not exposed to this specific bug.
Will turning off Gemini’s lock screen access fully protect my phone?
Yes, for this particular bypass. Disabling “Use Gemini without unlocking” removes the entry point entirely. Given how often researchers have found a new door into the same boundary, treating any single toggle as a permanent fix would be premature.
How much does Google pay for finding lock screen bypass bugs like this one?
Google’s Android bug bounty program has offered a $100,000 top reward for Pixel lock screen bugs that affect multiple or all Pixel devices, based on the program’s published reward table. A 2022 lock screen bypass unrelated to Gemini paid out $70,000 under that same structure.
Has Apple’s iPhone had a similar lock screen assistant bug?
Not one identical to this Gemini flaw, but iOS has its own history of lock screen weak points. Dedicated online communities actively search for them, sometimes to unlock and resell stolen phones rather than to send an unauthorized text.
-
TECHNOLOGY3 years agoHow to Adjust a Bulova Watch Band – An Easy Guide
-
News3 years agoFred Pentland: Athletic Bilbao’s English mentor who changed the essence of Spanish football
-
FINANCE3 years agoTax Planning for Every Season: Guide to Maximizing Your Tax Benefits
-
Education3 years agoAfrican Ministers New Education Plan
-
BUSINESS3 years agoWhat is Entrepreneurial Operating System? A Comprehensive Guide to EOS
-
Education3 years agoInnovate Your Learning Journey with Technology and Enhance Education
-
News3 years agoRussians formally out of World Athletics Championships
-
BUSINESS3 years agoTop 9 Most Expensive American Cities to Rent an Apartment
