Category: Google
-
Google rolls out easy end-to-end encryption for Gmail business users
Google rolls out easy end-to-end encryption for Gmail business users Google has started rolling out a new end-to-end encryption (E2EE) model for Gmail enterprise users, making it easier to send encrypted emails to any recipient. […] Sergiu Gatlan Go to bleepingcomputer
-
The AI Fix #44: AI-generated malware, and a stunning AI breakthrough
The AI Fix #44: AI-generated malware, and a stunning AI breakthrough In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5 Pro Experimental and nobody notices, and Mark invents a clock for measuring…
-
Google fixes Chrome zero-day exploited in espionage campaign
Google fixes Chrome zero-day exploited in espionage campaign Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser’s sandbox and deploy malware in espionage attacks targeting Russian organizations. […] Sergiu Gatlan Go to bleepingcomputer
-
Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild
Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered a zero-day vulnerability being actively exploited by sophisticated threat actors. The vulnerability, identified as CVE-2025-2783, allowed attackers to bypass Chrome’s sandbox protection through a logical error at the…
-
Google Gemini’s Astra (screen sharing) rolls out on Android for some users
Google Gemini’s Astra (screen sharing) rolls out on Android for some users At MWC 2025, Google confirmed it was working on screen and video share capabilities for Gemini Live, codenamed “Project Astra”. At that time, Google promised that the feature would begin rolling out soon, and now some users have spotted it in the wild.…
-
Fake Semrush ads used to steal SEO professionals’ Google accounts
Fake Semrush ads used to steal SEO professionals’ Google accounts A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that aim to steal their Google account credentials. […] Bill Toulas Go to bleepingcomputer
-
Malicious Android ‘Vapor’ apps on Google Play installed 60 million times
Malicious Android ‘Vapor’ apps on Google Play installed 60 million times Over 300 malicious Android applications downloaded 60 million items from Google Play acted as adware or attempted to steal credentials and credit card information. […] Bill Toulas Go to bleepingcomputer
-
Borked Chromecasts are beginning to receive their update – just hope you didn’t do a factory reset
Borked Chromecasts are beginning to receive their update – just hope you didn’t do a factory reset The news can’t have come too soon for the many Chromecast users who have found themselves unable to stream their favourite TV shows, movies, and other media. Read more in my article on the Hot for Security blog.…
-
Chromecast chaos – 2nd gen devices go belly-up as Google struggles to fix certificate issue
Chromecast chaos – 2nd gen devices go belly-up as Google struggles to fix certificate issue Has your old Chromecast suddenly developed a problem? You’re not alone it seems. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
New North Korean Android spyware slips onto Google Play
New North Korean Android spyware slips onto Google Play A new Android spyware named ‘KoSpy’ is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. […] Bill Toulas Go to bleepingcomputer
-
AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches
AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a hash function during microcode validation—a…
-
BadBox malware disrupted on 500K infected Android devices
BadBox malware disrupted on 500K infected Android devices The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. […] Bill Toulas Go to bleepingcomputer
-
Google expands Android AI scam detection to more Pixel devices
Google expands Android AI scam detection to more Pixel devices Google has announced an increased rollout of new AI-powered scam detection features on Android to help protect users from increasingly sophisticated phone and text social engineering scams. […] Bill Toulas Go to bleepingcomputer
-
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian police used Cellebrite zero-day hack to unlock Android phones Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. […] Bill Toulas Go to bleepingcomputer
-
Google Cloud introduces quantum-safe digital signatures in KMS
Google Cloud introduces quantum-safe digital signatures in KMS Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. […] Bill Toulas Go to bleepingcomputer
-
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google Chrome disables uBlock Origin for some in Manifest v3 rollout Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. […] Mayank Parmar Go to bleepingcomputer
-
SpyLend Android malware downloaded 100,000 times from Google Play
SpyLend Android malware downloaded 100,000 times from Google Play An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. […] Bill Toulas Go to bleepingcomputer
-
Google Chrome’s AI-powered security feature rolls out to everyone
Google Chrome’s AI-powered security feature rolls out to everyone Google Chrome has updated the existing “Enhanced protection” feature with AI to offer “real-time” protection against dangerous websites, downloads and extensions. […] Mayank Parmar Go to bleepingcomputer
-
Google Chrome’s Safe Browsing Now Protect 1 Billion Users With 300,000 Deep Scans
Google Chrome’s Safe Browsing Now Protect 1 Billion Users With 300,000 Deep Scans In honor of Safer Internet Day, Google has announced a significant milestone in online security, more than 1 billion Chrome users are now safeguarded by the browser’s Enhanced Protection mode. This advanced security feature, introduced in 2020 as part of Google Safe…
-
Hackers Exploit Prompt Injection to Tamper with Gemini AI’s Long-Term Memory
Hackers Exploit Prompt Injection to Tamper with Gemini AI’s Long-Term Memory A sophisticated attack targeting Google’s Gemini Advanced chatbot. The exploit leverages indirect prompt injection and delayed tool invocation to corrupt the AI’s long-term memory, allowing attackers to plant false information that persists across user sessions. This vulnerability raises serious concerns about the security of…
-
The AI Fix #36: A DeepSeek special
The AI Fix #36: A DeepSeek special In episode 36 of The AI Fix, Graham and Mark take a long look at DeepSeek, an upstart AI out of China that was trained on a shoestring, shook up Wall Street, kneecapped Nvidia, and challenged America’s AI hegemony. Graham also discovers a remarkably f***ing effective way to…
-
Google fixes Android kernel zero-day exploited in attacks
Google fixes Android kernel zero-day exploited in attacks The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. […] Sergiu Gatlan Go to bleepingcomputer
-
Google says hackers abuse Gemini AI to empower their attacks
Google says hackers abuse Gemini AI to empower their attacks Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets. […] Bill Toulas Go to bleepingcomputer
-
Google Has Blocked 2.28 Million Malicious Apps Entering Into Play Store
Google Has Blocked 2.28 Million Malicious Apps Entering Into Play Store Google announced today it blocked a record 2.28 million policy-violating apps from entering the Play Store in 2023, leveraging advanced machine learning, stricter developer vetting, and cross-industry collaborations to combat evolving cyberthreats. The milestone underscores efforts to uphold its SAFE principles (Safeguard Users, Advocate…
-
Google blocked 2.36 million risky Android apps from Play Store in 2024
Google blocked 2.36 million risky Android apps from Play Store in 2024 Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. […] Bill Toulas Go to bleepingcomputer
-
Google to kill Chrome Sync on older Chrome browser versions
Google to kill Chrome Sync on older Chrome browser versions Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. […] Sergiu Gatlan Go to bleepingcomputer
-
Google launches customizable Web Store for Enterprise extensions
Google launches customizable Web Store for Enterprise extensions Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees’ web browsers. […] Lawrence Abrams Go to bleepingcomputer
-
New Android Identity Check locks settings outside trusted locations
New Android Identity Check locks settings outside trusted locations Google has announced a new Android “Identity Check” security feature that lock sensitive settings behind biometric authentication when outside a trusted location. […] Bill Toulas Go to bleepingcomputer
-
MasterCard DNS Error Went Unnoticed for Years
MasterCard DNS Error Went Unnoticed for Years The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for nearly five years until a security researcher spent…
-
Fake Homebrew Google ads target Mac users with malware
Fake Homebrew Google ads target Mac users with malware Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. […] Bill Toulas Go to bleepingcomputer
-
Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you
Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you A Canadian man lost a $100,000 cryptocurrency fortune – all because he did a careless Google search. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Microsoft Bing shows misleading Google-like page for ‘Google’ searches
Microsoft Bing shows misleading Google-like page for ‘Google’ searches Microsoft Bing is displaying what is being categorized as a misleading Google-esque search page when users search for Google, making it look you are on the competing search engine. […] Lawrence Abrams Go to bleepingcomputer
-
Google Chrome is making it easier to share specific parts of long PDFs
Google Chrome is making it easier to share specific parts of long PDFs Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. […] Mayank Parmar Go to bleepingcomputer
-
Google Is Allowing Device Fingerprinting
Google Is Allowing Device Fingerprinting Lukasz Olejnik writes about device fingerprinting, and why Google’s policy change to allow it in 2025 is a major privacy setback. Bruce Schneier Go to bruce schneier
-
Scams Based on Fake Google Emails
Scams Based on Fake Google Emails Scammers are hacking Google Forms to send email to victims that come from google.com. Brian Krebs reports on the effects. Boing Boing post. Bruce Schneier Go to bruce schneier
-
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!) In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Apple’s AI flubs a headline, ChatGPT is available to people who haven’t left the 1970s, our hosts regret to inform you that an AI artist now…
-
Google Chrome uses AI to analyze pages in new scam detection feature
Google Chrome uses AI to analyze pages in new scam detection feature Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web. […] Mayank Parmar Go to bleepingcomputer
-
Ongoing phishing attack abuses Google Calendar to bypass spam filters
Ongoing phishing attack abuses Google Calendar to bypass spam filters An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. […] Lawrence Abrams Go to bleepingcomputer
-
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. Read more in my article on the Tripwire State of Security blog. Graham Cluley Go to grahamcluley
-
Google Chrome’s AI feature lets you quickly check website trustworthiness
Google Chrome’s AI feature lets you quickly check website trustworthiness Google Chrome’s upcoming feature uses AI to provide a summary of reviews from independent websites about the store or website you’re visiting. […] Mayank Parmar Go to bleepingcomputer
-
SpyLoan Android malware on Google play installed 8 million times
SpyLoan Android malware on Google play installed 8 million times A new set of 15 SpyLoan Android malware apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. […] Bill Toulas Go to bleepingcomputer