Tag: google
-
Google changes Play Store policies after settling Epic Games dispute
Tags: googleGoogle is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/google-play-store-changes-android-app-distribution/
-
Cyberkriminelle nutzen gefälschten Google-Sicherheitscheck: So schützt du dich vor der Masche
Tags: googleFirst seen on t3n.de Jump to article: t3n.de/news/cyberkriminelle-nutzen-gefaelschten-google-sicherheitscheck-so-schuetzt-du-dich-vor-der-masche-1732410/
-
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that could allow attackers to execute arbitrary code or compromise affected systems. The Chrome update is…
-
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that could allow attackers to execute arbitrary code or compromise affected systems. The Chrome update is…
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Streit mit Epic: Google senkt Gebühren für InKäufe
Tags: googleGoogle legt den Streit mit Epic Games bei: Gebühren für In-App-Käufe werden gesenkt, alternative App-Stores lassen sich leichter installieren. First seen on golem.de Jump to article: www.golem.de/news/streit-mit-epic-google-senkt-gebuehren-fuer-in-app-kaeufe-2603-206119.html
-
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97% remediation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/2622-valid-certificates-exposed-a-google-gitguardian-study-maps-private-key-leaks-to-real-world-risk/
-
Google uncovers Coruna iOS Exploit Kit targeting iOS 1317.2.1
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 1317.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also known as CryptoWaters) that targets Apple iPhones running iOS versions 13.0 through 17.2.1. The kit…
-
Zero-day in Android phone chips under active attack
Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639578/Zero-day-in-Android-phone-chips-under-active-attack
-
Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day
Google’s March 2026 Android update patches 129 flaws, including an actively exploited Qualcomm zero-day, and urges users to install 2026-03-05. The post Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-security-update-129-vulnerabilities/
-
Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks
Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/attackers-abuse-oauths-built-in-redirects-to-launch-phishing-and-malware-attacks/
-
High-severity Qualcomm bug hits Android devices in targeted attacks
Google has patched 129 Android vulnerabilities, including an actively exploited flaw in a widely used Qualcomm component. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/high-severity-qualcomm-bug-hits-android-devices-in-targeted-attacks/
-
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 1317.2.1
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1.The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS. The…
-
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting…
-
Google Gemini: Geleakter API-Key treibt Entwickler in den Ruin
Ein kleines Entwicklerteam soll plötzlich mehr als 82.000 US-Dollar an Google zahlen. Ein Angreifer hatte einen API-Key für Gemini missbraucht. First seen on golem.de Jump to article: www.golem.de/news/google-gemini-geleakter-api-key-treibt-entwickler-in-den-ruin-2603-206084.html
-
Perplexity’s Comet Browser Breached Through Calendar Invite Attack
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “PleaseFix” family, affected Comet on macOS, Windows, and Android and was rated P1 (critical) in Bugcrowd. The attack required no…
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
Anthropic AI ultimatums and IP theft: The unspoken risk
Tags: ai, ceo, china, ciso, data, data-breach, defense, google, government, intelligence, monitoring, network, openai, risk, service, theft, toolChina’s extraction campaign: A targeting operation, not a curiosity: Anthropic’s disclosure that three China”‘based AI companies (DeepSeek, Moonshot AI, and MiniMax) ran more than 16 million interactions through roughly 24,000 fraudulent accounts is not a story about model misuse. It is a story about targeting. These campaigns went straight at Claude’s most sensitive capabilities: agentic…
-
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, microsoft, ransomware, vmware, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In…
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.”Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said…
-
Phishing Campaign Uses Google Cloud to Host Malicious Redirects via GCS Bucket
A sophisticated phishing campaign has recently emerged, leveraging Google Cloud’s trusted infrastructure to host malicious redirects. The campaign’s technical structure leverages Google Cloud Storage legitimate domain, googleapis.com, which is widely trusted by mail gateways and end users alike. This provides the attackers an opportunity to bypass common security layers such as SPF and DKIM validation.…
-
Microsoft Alerts Customers to New Phishing Attack Exploiting OAuth in Entra ID to Bypass Detection
Tags: attack, authentication, credentials, cyber, detection, exploit, google, government, microsoft, phishing, software, threat, vulnerabilityMicrosoft recently uncovered sophisticated phishing campaigns that exploit the by-design redirection mechanisms of the OAuth 2.0 protocol. Threat actors are targeting government and public-sector organizations by manipulating legitimate authentication flows in Microsoft Entra ID and Google Workspace. Rather than exploiting traditional software vulnerabilities or stealing credentials directly, this campaign abuses trusted protocol behavior to bypass…
-
Silver Dragon APT Group Exploits Google Drive for Covert Attacks on Europe, Asia
Silver Dragon is a Chinese”‘aligned APT group that has been targeting public sector and high”‘profile organizations in Europe and Southeast Asia since at least mid”‘2024, with strong operational overlap to APT41 tradecraft. The group combines classic post”‘exploitation tooling like Cobalt Strike with new custom malware that abuses Google Drive as a covert command”‘and”‘control (C2) channel.research.…
-
Thousands of iPhones Compromised in Massive Hack via Coruna Exploit Kit with 23 Vulnerabilities
Security researchers from the Google Threat Intelligence Group (GTIG) have uncovered >>Coruna,<< a highly sophisticated iOS exploit kit responsible for compromising thousands of iPhones. Targeting iOS versions 13.0 through 17.2.1, the framework contains five complete exploit chains leveraging a staggering 23 vulnerabilities. What began as a tool for a commercial surveillance vendor in early 2025…