Tag: google
268 articles

Google patches actively exploited Android zero-day flaw amid June security updates
Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

Google Engineer Charged with Insider Trading Using Company Data
A Google engineer, Michele Spagnuolo, has been charged with insider trading in the Southern District of New York for allegedly using company data to make lucrative bets on a cryptocurrency-based prediction market. He faces serious penalties, including up to 10 years in prison for commodities fraud and 20 years for wire fraud and money laundering.

Google Engineer Exploits Confidential Data for $1.2M Betting Gain
A Google engineer allegedly used confidential data to make a staggering $1.2M betting gain, sparking a federal crackdown on insider trading that threatens to undermine market integrity. The US attorney for the Southern District of New York vowed to investigate and prosecute such greed-driven conduct.

CrowdStrike disrupts Glassworm botnet with global takedown
In a major win for cybersecurity, CrowdStrike has successfully dismantled the notorious Glassworm botnet in a global takedown, cutting off its operators from infected machines worldwide. The infected machines now harmlessly connect to a CrowdStrike-controlled IP address, rendering the botnet useless.

CrowdStrike and Google Disrupt Glassworm Botnet Infrastructure
In a major win for cybersecurity, a powerful collaboration between CrowdStrike, Google, and the Shadowserver Foundation successfully dismantled the Glassworm botnet by simultaneously taking down all four of its command-and-control channels. This bold move cut off the botnet's operators from infected devices, preventing further malicious activity.

CrowdStrike Disrupts GlassWorm Malware's Global Supply Chain Attack Infrastructure
In a major win for cybersecurity, CrowdStrike teamed up with Google and the Shadowserver Foundation to dismantle the global infrastructure behind the GlassWorm malware attack, crippling its ability to issue commands or deliver new payloads to infected machines. This coordinated operation targeted and neutralized the malware's command-and-control channels, protecting software developers from further exploitation.

Google Exposes Unfixed Chromium Flaw Details
A security researcher just blew the whistle on a glaring Chromium flaw that Google thought was fixed - but still works, putting tens of thousands of users at risk of a botnet attack. The exploit, first reported in 2022, allows malicious websites to remotely execute JavaScript on unsuspecting devices.

Foxconn Disrupted by Nitrogen Ransomware Attack
Nitrogen ransomware attackers claim to have stolen a massive 8 terabytes of sensitive data, including confidential files from tech giants like Intel, Apple, and Google, potentially disrupting the entire consumer-tech supply chain. The breach could have far-reaching consequences for suppliers and customers worldwide.

Google Unveils Spyware Forensics Tool for High-Risk Android Users
Google's new Android Intrusion Logging tool helps high-risk users detect spyware attacks by recording suspicious activity, but raises concerns about sensitive data sharing and consent. To use it effectively, users must balance protection with secure log sharing and informed consent.

Google Bolsters Android Spyware Defenses with Intrusion Logging Feature
Google just launched a game-changing feature to help protect Android users from spyware: Intrusion Logging, a powerful tool that collects forensic data to help investigate suspected device compromises. Now available in Advanced Protection Mode, this innovative feature lets users opt-in to safeguard their digital security and peace of mind.
Android 17 Bolsters Defenses Against Banking Scams, Device Theft
Stay one step ahead of scammers with Android 17's cutting-edge security features, including robust protection against banking scam calls and device theft. Android 17 will work hand-in-hand with banking apps to detect and block spoofed calls, giving you an added layer of defense against financial threats.

Google Bolsters Android Security to Counter Spyware Vendors
Google's new Intrusion Logging feature is a game-changer in the fight against spyware, helping digital forensics researchers uncover sophisticated attacks on Android devices. By recording security incidents like device unlocking and spyware installation, it provides crucial evidence to investigate and take down these threats.

Google and Apple Roll Out Cross-Platform RCS Encryption
Big news for messaging security: Apple and Google have just launched a beta rollout of end-to-end encrypted RCS messaging, allowing for more secure conversations between iPhone and Android users worldwide. This update enables encryption by default, marked with a lock icon, and is available to users with supported carriers and devices.

Apple and Google Boost Cross-Platform Messaging with End-to-End Encryption
Say goodbye to the green bubble blues! iPhone and Android users can now send end-to-end encrypted messages to each other, thanks to a game-changing collaboration between Apple and Google.

Google Bolsters Android App Security with Public Verification Ledger
Google is stepping up its game to keep your Android apps safe with a new public verification ledger that ensures the Google apps on your device are genuine and exactly as intended. This move builds on its Pixel Binary Transparency feature, now expanding it to all Android production apps.

Google Boosts Bounty Payouts for Elusive Android Exploits
Google just supercharged its bounty program, offering up to $1.5 million for the most elusive Android exploits that require top-notch technical skills to pull off. The biggest prizes go to zero-click, full-chain exploits with persistence, highlighting Google's focus on tackling the toughest security challenges.

Pentagon Clears 7 AI Firms for Classified Network Access
The Pentagon has cleared seven top AI firms, including Amazon, Google, and Microsoft, to access classified Defense Department networks, marking a major step forward in harnessing AI for national security. This strategic move aims to prevent reliance on a single vendor and drive American leadership in AI.

Google's Gemini CLI Fix Sparks CI/CD Pipeline Disruptions
A recent patch for Google's Gemini CLI has sparked disruptions in CI/CD pipelines, ironically caused by a critical infrastructural flaw - not an AI quirk - that allowed remote code execution due to over-permissive workspace trust in headless mode. The fix, while swift, may trip automated pipelines that relied on the old settings.

Google Fixes Critical Gemini CLI Flaw Enabling Remote Code Execution
Google patched a critical flaw in Gemini CLI that allowed hackers to inject malicious code and take control of host systems, thanks to a report from Novee Security. The vulnerability, scoring a perfect 10.0 on the CVSS scale, has been fixed in recent updates to the @google/gemini-cli and google-github-actions/run-gemini-cli packages.

Google Bets Big on Anthropic with Up to $40B Investment
Google is making a bold bet on the future of AI, investing up to $40 billion in Anthropic, a leading AI developer, with an initial $10 billion commitment and a long-term plan to provide massive computing power to fuel innovation. This multibillion-dollar deal highlights the intense competition for AI dominance, where infrastructure and computing capacity are the new currency.

Pentagon Bolsters AI Arsenal with Google's Latest Model
The Pentagon has supercharged its AI capabilities with Google's cutting-edge model, Gemini 3.1 Pro, now available on its enterprise generative-AI platform, GenAI.mil, marking a major milestone in American AI innovation. This powerful tool is set to revolutionize defense operations and will also be accessible to federal government users.

Microsoft Teams Used to Deploy Sophisticated Snow Malware
Cyber attackers have cleverly used Microsoft Teams to deploy a sophisticated malware suite, dubbed Snow, by tricking victims into installing a fake anti-spam patch that ultimately led to prolonged access, credential theft, and domain compromise. They started by creating a sense of urgency through email bombing, then followed up with a direct message on Microsoft Teams.

Google Fixes Antigravity Flaw That Enabled Code Execution
Google's Antigravity tool, designed to streamline coding, had a flaw that allowed hackers to run malicious code - but luckily, the tech giant has patched the vulnerability. This fix prevents cyber threats that could have exploited the tool's file-creation capabilities and lax input sanitization.

Google's Antigravity AI Flaw Exposes Remote Code Risk
Google's top-of-the-line Antigravity AI safeguard can be surprisingly easily tricked into letting its guard down, leaving the door open for attackers to execute remote code. Even with its highest security setting, the AI agent manager's weaknesses can be exploited, putting users at risk.