Tag: google
-
Fake Gemini AI Chatbot Promotes ‘Google Coin’ in New Crypto Scam
A fake Gemini-style chatbot is pushing a bogus Google Coin presale, using Google branding and scripted AI replies to lure victims into crypto payments. The post Fake Gemini AI Chatbot Promotes ‘Google Coin’ in New Crypto Scam appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fake-google-coin-scam-ai-chatbot-gemini/
-
An iPhone-hacking toolkit used by Russian spies likely came from US military contractor
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
-
Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cloud-attackers-prefer-exploits/
-
Banking Apps und Custom-ROMs: GrapheneOS wirft Volla, Murena und Iodé Täuschung vor
GrapheneOS will echte Freiheit für Smartphones mit Custom-ROMs beim Einsatz von Banking-Apps und fordert einen Ersatz für Googles Schnittstelle. First seen on golem.de Jump to article: www.golem.de/news/banking-apps-und-custom-roms-grapheneos-wirft-volla-murena-und-iode-taeuschung-vor-2603-206314.html
-
Banking Apps und Custom-ROMs: GrapheneOS wirft Volla, Murena und Iodé Täuschung vor
GrapheneOS will echte Freiheit für Smartphones mit Custom-ROMs beim Einsatz von Banking-Apps und fordert einen Ersatz für Googles Schnittstelle. First seen on golem.de Jump to article: www.golem.de/news/banking-apps-und-custom-roms-grapheneos-wirft-volla-murena-und-iode-taeuschung-vor-2603-206314.html
-
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims’ databases and exfiltrate sensitive data within organizations’ Google Cloud environments.The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in First seen on thehackernews.com…
-
Zero Day: Unternehmen sind das neue Hauptziel
Die Google Threat Intelligence Group (GTIG) hat ihren jährlichen Zero-Day-Bericht veröffentlicht: Sie hat im Jahr 2025 insgesamt 90 Zero-Day-Sicherheitslücken identifiziert, die in freier Wildbahn ausgenutzt wurden. Obwohl diese Zahl niedriger ist als der Rekordwert von 2023 (100), liegt sie deutlich über der Zahl von 2024 (78). Insgesamt scheint sich die jährliche Anzahl in dem Bereich……
-
My Really Fun RSA 2026 Presentations!
Tags: ai, apt, automation, cyber, cybersecurity, data, detection, google, governance, guide, lessons-learned, malware, soc, strategy, threatThis blog is perhaps a little bit more like an ad, so if you don’t want to check the ads, consider not reading it. a very cyber image (Gemini) But this year at RSA 2026, I’m speaking on three topics: securing AI, using AI for SOC, and sharing lessons about how Google applies AI and other technologies…
-
An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
-
Cloud attacks exploit flaws more than weak credentials
Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-cloud-attacks-exploit-flaws-more-than-weak-credentials/
-
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data.The extensions in question, both originally associated with a developer named “akshayanuonline@gmail.com” (BuildMelon), are listed below -QuickLens – Search Screen with First…
-
Google Threat Report zeigt Wandel bei Zero-Day-Angriffen
Fast die Hälfte aller Zero-Day-Angriffe im Jahr 2025 genauer gesagt 48 Prozent richtete sich gegen Unternehmenssoftware und -infrastruktur. Das ist ein neuer Höchststand. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/google-threat-report-zeigt-wandel-bei-zero-day-angriffen/a43992/
-
Threat Intelligence und Private Scanning – Cohesity integriert Google-Funktionen für die Sicherheit von Backup-Daten
First seen on security-insider.de Jump to article: www.security-insider.de/cohesity-google-threat-intelligence-private-scanning-backup-malware-a-bce5b4442ae2aa5c1f6f7e63ed1378f7/
-
PQC roadmap remains hazy as vendors race for early advantage
Tags: attack, cisco, communications, control, crypto, cryptography, data, encryption, finance, firmware, gartner, google, grc, guide, Hardware, healthcare, identity, infrastructure, monitoring, network, nist, risk, software, technology, threat, tool, vpn, vulnerabilitySome are already ahead as the migration question looms: One of the earliest vendors to operationalize cryptographic discovery specifically for PQC readiness was Sandbox AQ, which emerged from Google’s quantum research efforts. As early as 2022, the company argued that enterprises needed to inventory cryptography assets long before post-quantum algorithms could be deployed at scale.Initially…
-
Fake AI Extensions Breached Chat Histories in 20,000+ Enterprise Tenants
Microsoft has issued an alert after uncovering a wave of malicious Chromium-based browser extensions masquerading as legitimate AI assistant tools. The extensions, available on the Chrome Web Store and compatible with both Google Chrome and Microsoft Edge, secretly collected private browser data and AI chat content. Microsoft found that stolen data included full URLs, internal site…
-
Gefälschter Google-Sicherheitscheck: Diese perfide Masche räumt dein Konto leer
Tags: googleFirst seen on t3n.de Jump to article: t3n.de/news/gefaelschter-google-sicherheitscheck-1732410/
-
Diese Schadsoftware lässt sich von Googles KI erklären, wie sie dein Smartphone kapert
First seen on t3n.de Jump to article: t3n.de/news/promptspy-malware-gemini-ki-android-1730608/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer a human problem! StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential Stealer Inside a fake Google security check that becomes a browser RAT SloppyLemming…
-
Malicious Browser Add”‘on Targets imToken Users’ Private Keys
Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases from cryptocurrency users. The malicious add-on, named >>lmΤoken Chromophore<< (extension ID bbhaganppipihlhjgaaeeeefbaoihcgi), disguises itself as a harmless hex color visualizer for developers and digital artists. However, its true purpose is to impersonate the widely used…
-
One click on this fake Google Meet update can give attackers control of your PC
We found a fake Google Meet update that enrolls the victim’s Windows PC in an attacker’s device management system. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/one-click-on-this-fake-google-meet-update-can-give-attackers-control-of-your-pc/
-
Spyware Makers Topped Google’s List of Zero-Day Exploits for the First Time in 2025
For the first time, spyware makers topped Google’s list of organizations that exploited zero-day flaws in 2025, overtaking nation-state actors from China, Russia, and elsewhere and continuing a trends that Google researchers warned about two years ago. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/spyware-makers-in-2025-for-the-first-time-topped-googles-lists-of-zero-day-exploits/
-
900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
A joint study by Google and GitGuardian reveals that over 2,600 valid TLS certificates, protecting Fortune 500 companies and government agencies, were compromised due to private key leaks on GitHub and DockerHub. First seen on hackread.com Jump to article: hackread.com/certificates-fortune-500-gov-exposed-key-leaks/
-
Spyware Makers in 2025 for the First Time Topped Google’s Lists of Zero-Day Exploits
For the first time, spyware makers topped Google’s list of organizations that exploited zero-day flaws in 2025, overtaking nation-state actors from China, Russia, and elsewhere and continuing a trends that Google researchers warned about two years ago. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/spyware-makers-in-2025-for-the-first-time-topped-googles-lists-of-zero-day-exploits/
-
Nearly half of exploited zero-day flaws target enterprise-grade technology
A report by Google Threat Intelligence Group warns that AI will be used to speed and scale attacks in 2026. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/half-exploited-zero-day-flaws-enterprise-grade-technology/814021/
-
Zero”‘Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zero-day-enterprise-record-high/
-
Enterprises sind das Ziel Nummer eins
Google hat seinen jährlichen Zero-Day-Bericht vorgelegt. Angriffe auf Unternehmensinfrastruktur nehmen zu und chinesische Spionagegruppen dominieren staatlich gelenkte Attacken. First seen on it-daily.net Jump to article: www.it-daily.net/shortnews/google-enterprises-sind-das-ziel-nummer-eins
-
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow
Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While slightly below the 100 observed in 2023, the number increased from 78 in 2024, with…
-
Zero-day exploits hit enterprises faster and harder
Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-dayEnterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…