> the company added that it did not believe it was its own Gemini chatbot.

-TFA

I don't know, but given how often Gemini refuses benign requests IME, I would suspect it's a complete non-starter for finding security holes.