Google has released a security update for its Chrome browser that addresses three high-severity vulnerabilities, which could pose risk to users. One of the vulnerabilities, CVE-2026-3061, allows “… a remote attacker to perform an out-of-bounds memory read via a crafted HTML page,” said NIST in its advisory. Inside the Chrome Vulnerabilities The security update addresses…
Tag: Google
AI, Apps, Global Security News
What Gemini 3.1 Pro Means for Heavy-Duty AI Users
Google just introduced Gemini 3.1 Pro, the newest version of its flagship model which cracked the market back in November. Instead of optimizing for and spitting out quick replies, Gemini 3.1 Pro is designed to handle problems that require multiple steps and deeper reasoning. Google touts performance scoring as Gemini competes with GPT-5.2 Google ran…
AI, china, Global Security News
SerpApi fights back against Google lawsuit
The web scraping wars have just intensified. In December, Google announced that it was taking action against web scraping company SerpApi, whose API lets customers’ scrapers mimic human searching, claiming that the company’s tool was “circumventing security measures” that protect its search results to feed the voracious appetite for training data required by many…
AI, Global Security News
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. […]
AI, Global Security News
WhatsApp is adding another lock to your account
Meta has released WhatsApp Beta for Android 2.26.7.8 through the Google Play Beta Program. The update includes references to password-protected accounts, indicating plans to introduce an additional layer of protection beyond the app’s current authentication options. WhatsApp is exploring the implementation of a feature that will introduce a password (Source: WABetaInfo) The feature will allow…
AI, Global Security News
Google launches Pixel 10a for AUD $849, which is $500 cheaper than Pixel 10 but with G4 chip
Google has announced the Pixel 10a officially, after some teasers in the last couple of weeks that came despite an embargo for the press, available to pre-order now – and on store shelves from March 5 in just a couple of weeks, but is the Pixel 9a a better deal for the budget conscious?
Global Security News, malware
Android Malware Hijacks Google Gemini to Stay Hidden
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET
Global Security News
Google cleans house, bans 80,000 developer accounts from the Play Store
Google prevented more than 1.75 million policy-violating apps from being published on Google Play and banned over 80,000 developer accounts that attempted to publish harmful apps in 2025. Developer verification, mandatory pre-review checks, and testing requirements in the Google Play ecosystem have reduced entry points for bad actors. “User safety is at the core of…
Global Security News
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor…
AI, Global Security News
Theft of Trade Secrets Is on the Rise—and AI Is Making It Worse
Google, Apple and xAI are among companies that have sought to defend their sensitive information from employees accused of stealing it.
AI, Global Security News
5 ways Gemini can help you make Google Slides presentations
Gemini, Google’s generative AI assistant, has various tools you can access within Google Slides to assist you in creating and editing your presentations. Additionally, you can generate whole presentations in the standalone Gemini app and then export them into Slides to work on. Anyone with a Google account can use the Gemini app for free.…
AI, Global Security News
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
A convincing presale site for phony “Google Coin” features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers.
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…
AI, Global Security News, Risk Management
Elon Musk Pushes AI to Be ‘Unhinged,’ Former Employees Say
As OpenAI, Anthropic, and Google race to fortify their AI guardrails, Elon Musk appears to be loosening his. Former xAI insiders say the billionaire is pushing to make his chatbot “more unhinged,” framing safety measures as censorship rather than protection. According to employees who spoke anonymously, the company’s dedicated safety function has effectively been dismantled,…
AI, Apps, Data Breaches, Global Security News, Network Security, privacy, Risk Management
Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension
A malicious Google Chrome extension masquerading as a productivity tool for Meta Business users has been found stealing two-factor authentication secrets and sensitive business data, enabling silent takeover of Facebook and Instagram assets. The extension, CL Suite by @CLMasters, advertises itself as a way to streamline Meta Business workflows, but Socket researchers say it quietly…
AI, Global Security News
260K+ Chrome Users Duped by Fake AI Browser Extensions
30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools.
Global Security News
Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
AI, Exploits, Global Security News
Google fixes first actively exploited Chrome zero-day of 2026
Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-day vulnerability, tracked as CVE-2026-2441, in Chrome that is already being exploited in real-world attacks. The flaw is a use-after-free bug in the browser’s CSS component. This is the first…
AI, Exploits, Global Security News
Google patches Chrome vulnerability with in-the-wild exploit (CVE-2026-2441)
Google released a security update for Chrome to address a high-severity zero‑day vulnerability (CVE-2026-2441) on Friday. “Google is aware that an exploit for CVE-2026-2441 exists in the wild,” the company said. About CVE-2026-2441 CVE-2026-2441 is a use-after-free bug in the CSS processing component of Google Chrome, which allows a remote attacker “to execute arbitrary code…
Global Security News, privacy
Android 17 beta brings privacy, security, and performance changes
Google has released the first beta of Android 17, giving developers an early view of changes to core app behavior, platform tooling, performance, media handling, and connectivity. The company plans to move quickly from this beta toward the Platform Stability milestone, targeted for March, where final APIs and behavior definitions for apps will be delivered.…
Exploits, Global Security News
Google patches first Chrome zero-day exploited in attacks this year
Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year. […]
AI, Exploits, Global Security News
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming…
AI, Global Security News, malware
CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups
CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized “Ninja Browser.” The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. […]
AI, Global Security News, malware
Claude LLM artifacts abused to push Mac infostealers in ClickFix attack
Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries. […]
AI, china, Data Breaches, Global Security News, Risk Management, Russia
Hackers Try to Clone Google’s Gemini With 100,000+ AI Probes
Google built Gemini to answer questions. Now attackers are using questions as lockpicks. In a surge of more than 100,000 carefully engineered prompts, threat actors have been hammering Google’s Gemini chatbot in what the company calls “model extraction” or “distillation” attacks. By systematically probing the system, adversaries attempt to reverse engineer the model’s underlying logic,…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google fears massive attempt to clone Gemini AI through model extraction
Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by Google Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning process…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google fears massive attempt to clone Gemini AI through model extraction
Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by the company’s Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning…
Cybersecurity, Global Security News
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to…
AI, APT, china, Cybersecurity, Global Security News, Government & Policy, malware, Russia, Technology
Google finds state-sponsored hackers use AI at ‘all stages’ of attack cycle
A new report from Google found evidence that state-sponsored hacking groups have leveraged AI tool Gemini at nearly every stage of the cyber attack cycle. The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. John Hultquist, chief analyst…
AI, Global Security News
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction…
AI, Global Security News, Government & Policy
Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
AI, Artificial Intelligence, Global Security News, Google, Security
Google says hackers are abusing Gemini AI for all attacks stages
Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to systematically probe models and replicate their logic and reasoning. […]
AI, Cybersecurity, data protection, Global Security News, Google, News, privacy
Google Search introduces new ways to remove sensitive personal information and explicit images
Google expanded its “Results about you” tool to give users more control over sensitive personal information and added a way to request removal of non-consensual explicit images from Search. Manage and limit sensitive personal information in Search Users can request the removal of Search results that contain sensitive personal information, such as driver’s license numbers,…
AI, Cloud Security, Cybersecurity, Europe, Global Security News, Network Security, Risk Management
EU clears Google’s $32B Wiz acquisition, intensifying cloud security competition
Google has secured unconditional EU antitrust approval for its $32 billion acquisition of cloud security firm Wiz, clearing a major regulatory hurdle and paving the way for one of the largest cybersecurity acquisitions to date. The decision removes a key uncertainty for enterprise customers and positions Google Cloud to aggressively expand its security portfolio…
AI, Europe, Global Security News, Government & Policy, privacy, Risk Management
Apple, Google agree to app store changes in the UK
Under pressure from UK regulators, Apple and Google have reached an agreement to change how they operate their app stores in the UK, the Competition and Markets Authority (CMA) announced on Tuesday. The agreement means both companies will not discriminate against apps that compete with their own apps and services. They pledged to be more transparent…
AI, Global Security News, Industry
Over 1,000 Google employees demand the company cut ties with ICE
More than 1,000 Google employees have signed an open letter urging the company to sever its business ties with the US Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP), according to CNBC. In the letter, the employees condemn what they describe as escalating violence linked to federal immigration operations and refer to…
AI, Global Security News, Industry
Over 1,000 Google employees demand the company cut ties with ICE
More than 1,000 Google employees have signed an open letter urging the company to sever its business ties with the US Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP), according to CNBC. In the letter, the employees condemn what they describe as escalating violence linked to federal immigration operations and refer to…
AI, Global Security News, Industry
Over 1,000 Google employees demand the company cut ties with ICE
More than 1,000 Google employees have signed an open letter urging the company to sever its business ties with the US Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP), according to CNBC. In the letter, the employees condemn what they describe as escalating violence linked to federal immigration operations and refer to…
AI, Global Security News
Google Meet videoconferencing devices can now join Teams calls
Google and Microsoft have enabled interoperability between their videoconferencing devices, meaning Google Meet users can now join Teams meetings from a Chrome OS-based Google Meet device, while Teams Rooms can do the same for Google Meet calls. IT admins should be able to see the option in Google Meet console already, while end users can…
AI, cyber attack, Cybersecurity, Global Security News, malware, Security
macOS Users Hit by Python Infostealers Posing as AI Installers
Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces.
Global Security News
Tenable Research Uncovers Major Vulnerabilities in Google Looker
GUEST RESEARCH: Tenable Research has identified two major vulnerabilities dubbed “LookOut,” in Google Looker. The popular business intelligence platform is used by more than 60,000 companies in 195 countries, potentially allowing attackers to hijack entire systems or steal corporate secrets.
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser crashes. The issues affect core browser components and may be triggered when users visit specially crafted websites. One of the vulnerabilities, CVE-2026-1861, allows “… a remote attacker to potentially exploit heap corruption via…
AI, Android, android security, Cybersecurity, Global Security News, privacy, Risk Management
How Android provides the most effective protection to keep you safe from mobile scams
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Vijay Pareek, Manager, Android Messaging Trust and Safety As Cybersecurity Awareness Month wraps up, we’re focusing on one of today’s most pervasive digital threats: mobile scams. In the last 12 months, fraudsters have…
AI, Cybersecurity, Global Security News, privacy
Accelerating adoption of AI for cybersecurity at DEF CON 33
Posted by Elie Bursztein and Marianna Tishchenko, Google Privacy, Safety and Security Team Empowering cyber defenders with AI is critical to tilting the cybersecurity balance back in their favor as they battle cybercriminals and keep users safe. To help accelerate adoption of AI for cybersecurity workflows, we partnered with Airbus at DEF CON 33 to host…
AI, Cybersecurity, Data Breaches, Global Security News, privacy
Poisoned Calendar invites, ChatGPT, and Bromide
A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after ChatGPT told him to season his food with… pesticide, and some thoughts on Superman’s latest cinematic outing. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley, joined this…
AI, Apps, Global Security News, Network Security, Risk Management
Introducing OSS Rebuild: Open Source, Rebuilt to Last
Posted by Matthew Suozzo, Google Open Source Security Team (GOSST) Today we’re excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream…
AI, AI Security, Cybersecurity, Data Breaches, Global Security News, Government & Policy, malware, privacy, Risk Management
Mitigating prompt injection attacks with a layered defense strategy
Posted by Google GenAI Security Team With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt,…
AI, Chrome, Compliance, Global Security News, Network Security, Risk Management
Sustaining Digital Certificate Security – Upcoming Changes to the Chrome Root Store
Posted by Chrome Root Program, Chrome Security Team Note: Google Chrome communicated its removal of default trust of Chunghwa Telecom and Netlock in the public forum on May 30, 2025. The Chrome Root Program Policy states that Certification Authority (CA) certificates included in the Chrome Root Store must provide value to Chrome end users that…
AI, Exploits, Global Security News, malware, privacy
Using AI to stop tech support scams in Chrome
Posted by Jasika Bawa, Andy Lim, and Xinghui Lu, Google Chrome Security Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting money or gaining unauthorized access to sensitive data. In a tech support scam, the goal of the scammer is to trick you into believing your computer…
AI, Apps, Exploits, Global Security News, Risk Management
Taming the Wild West of ML: Practical Model Signing with Sigstore
Posted by Mihai Maruseac, Google Open Source Security Team (GOSST) In partnership with NVIDIA and HiddenLayer, as part of the Open Source Security Foundation, we are now launching the first stable version of our model signing library. Using digital signatures like those from Sigstore, we allow users to verify that the model used by the…