Google Translate, now powered by Gemini, is vulnerable to prompt injection attacks, a direct consequence of Google switching the service to Gemini models in late 2025. Users can bypass the translation function entirely by embedding natural language instructions that speak directly to the underlying language model. The trick was first discovered by a Tumblr user (via LessWrong). It works by entering a question in a foreign language like Chinese, then adding an English meta-instruction below it. Instead of translating the text, Google Translate answers the question. A prompt injection in Google Translate causes the tool to answer a question about Beijing in 1989 instead of translating it. | Image: via Tumblr LLM jailbreaker “Pliny the Liberator” showed on X that the exploit goes well beyond harmless questions. Using the same technique, they got Google Translate to produce dangerous content, including instructions for making drugs and malware. Using prompt injection, Google Translate was tricked into providing instructions for making methamphetamine instead of translating the input. | Image: via X Google switched Google Translate to Gemini models in December 2025. The exact model powering the service isn’t publicly known. The system itself claims to use Gemini 1.5 Pro, but that isn’t reliable
Read More












