Tag: google
-
Pixel 11 könnte Gesichtsentsperrung wie iPhone bekommen
Wer ein aktuelles Pixel benutzt, weiß, dass Googles Gesichtsentsperrung im Dunkeln nicht funktioniert. Das soll sich ändern. First seen on golem.de Jump to article: www.golem.de/news/google-pixel-11-koennte-gesichtsentsperrung-wie-iphone-bekommen-2602-205586.html
-
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
A convincing presale site for phony Google Coin features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/scam-abuses-gemini-chatbots-convince-people-buy-fake-crypto
-
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning
Dell and Google released notices on Tuesday about CVE-2026-22769, warning that a sophisticated Chinese actor has been targeting the bug since at least mid-2024. First seen on therecord.media Jump to article: therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning
-
Flaws in Google, Microsoft products added to Cisa catalogue
Cisa has added six CVEs to its Kev catalogue this week, including newly-disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639264/Flaws-in-Google-Microsoft-products-added-to-Cisa-catalogue
-
Millionen Chrome-Erweiterungen geben Browserverlauf preis
Eine Sicherheitslücke in beliebten Chrome-Erweiterungen führt dazu, dass der Browserverlauf der Anwender offengelegt ist.Ein Sicherheitsforscher mit dem Pseudonym ‘Q Continuum” hat 287 Chrome-Erweiterungen entdeckt, die den Browserverlauf exfiltrieren. ‘Die Akteure hinter den Lecks sind vielfältig: Similarweb, Curly Doggo, Offidocs, chinesische Akteure, viele kleinere, unbekannte Datenbroker sowie ein mysteriöses Unternehmen namens “šBig Star Labs’, das offenbar…
-
Job scam uses fake Google Forms site to harvest Google logins
Phishers are using fake Google Forms pages hosted on lookalike domains to trick job seekers into handing over their Google credentials. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/job-scam-uses-fake-google-forms-site-to-harvest-google-logins/
-
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. >>Mandiant and Google Threat Intelligence Group (GTIG) have identified…
-
Gefährliche Backdoor: Android-Malware in Firmware und auf Google Play entdeckt
Die Keenadu-Malware verschafft Angreifern die volle Kontrolle über Android-Geräte. Eine Entfernung gestaltet sich je nach Infektionsweg schwierig. First seen on golem.de Jump to article: www.golem.de/news/gefaehrliche-backdoor-android-malware-in-firmware-und-auf-google-play-entdeckt-2602-205544.html
-
U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, microsoft, ransomware, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…
-
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
Tags: china, credentials, cve, exploit, google, group, intelligence, mandiant, threat, vulnerability, zero-dayA maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG).The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials…
-
Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin”
An AI chatbot posing as Google’s Gemini is being used to pitch fake “Google Coin,” promising 7x returns. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scammers-use-fake-gemini-ai-chatbot-to-sell-fake-google-coin/
-
Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation
Tags: apt, attack, browser, chrome, control, cyber, cybersecurity, exploit, google, group, network, security-incident, vulnerability, windows, zero-dayBackground In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, the operation leveraged a Google Chrome 0-day vulnerability (CVE-2025-2783) as its core weapon. This vulnerability enabled sandbox escape, allowing arbitrary code execution on victims’ Windows systems and granting full control over the targeted…The…
-
Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign
Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled in device firmware, hidden inside system apps, or even distributed via official stores like Google Play. Currently used for ad fraud by turning infected…
-
Zero-Day in Dell RecoverPoint Exploited by Chinese Hacker Group
A critical zero-day vulnerability, tracked as CVE-2026-22769, is being actively exploited in Dell Technologies’ RecoverPoint for Virtual Machines. According to Mandiant and Google Threat Intelligence Group (GTIG), the flaw carries a perfect score severity score of 10, and has been weaponized by a Chinese threat cluster, identified as UNC6201. First seen on thecyberexpress.com Jump to…
-
CISA Warns of Actively Exploited Google Chromium 0″‘Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Google Chromium engine to its Known Exploited Vulnerabilities (KEV) catalog. Tracking as CVE-2026-2441, this security flaw is currently being actively exploited in the wild. The agency’s inclusion of this bug serves as a mandate for federal agencies to apply necessary…
-
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
Tags: browser, chrome, cisa, cve, cybersecurity, exploit, flaw, google, infrastructure, kev, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.The list of vulnerabilities is as follows -CVE-2026-2441 (CVSS score: 8.8) – A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit…
-
Dell 0-Day Vulnerability Targeted by Chinese Hackers Since Mid-2024 for Ongoing Malware Campaign
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by Chinese state-sponsored hackers since mid-2024. Mandiant and Google Threat Intelligence Group (GTIG) attribute this campaign to UNC6201, a threat cluster with significant overlaps to the group known as Silk Typhoon. The vulnerability, tracked as CVE-2026-22769, carries a maximum CVSS score of 10.0, allowing attackers to gain…
-
Dell 0-Day Vulnerability Targeted by Chinese Hackers Since Mid-2024 for Ongoing Malware Campaign
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by Chinese state-sponsored hackers since mid-2024. Mandiant and Google Threat Intelligence Group (GTIG) attribute this campaign to UNC6201, a threat cluster with significant overlaps to the group known as Silk Typhoon. The vulnerability, tracked as CVE-2026-22769, carries a maximum CVSS score of 10.0, allowing attackers to gain…
-
Chinese hackers exploited a Dell zero-day for 18 months before anyone noticed
Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they’ve moved on to a more advanced version of Brickstorm malware called Grimbolt. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-brickstorm-grimbolt-dell-zero-day/
-
Ahead of the Curve: Hickman County School District’s Proactive Approach to Student Safety
How Cloud Monitor provides long-term value and consistent student protection in Google Workspace In Centerville, Tennessee, Hickman County School District serves approximately 2,500 students across nine schools with a small but highly capable technology team. Leading that effort is Brad Gilbert, Director of Technology, a forward-thinking IT leader who has long recognized that student safety…
-
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
-
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
-
Update Chrome now: Zero-day bug allows code execution via malicious webpages
Google has released an emergency update to patch an actively exploited zero-day”, the first Chrome zero-day of the year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/
-
Murena: Volla Tablet mit Google-freiem /e/OS erhältlich
Nach Ubuntu Touch und Volla OS kann nun auch das Android-ROM /e/OS ohne Google-Dienste auf dem Volla-Tablet installiert werden. First seen on golem.de Jump to article: www.golem.de/news/murena-volla-tablet-mit-google-freiem-e-os-erhaeltlich-2602-205501.html
-
Contrast ADR for Google Security Operations
<div cla Contrast Security has announced the availability of a new integration between Contrast ADR and Google Security Operations. This collaboration provides security operations centers (SOCs) with high-fidelity runtime application intelligence to accelerate detection and response to sophisticated application-layer threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/contrast-adr-for-google-security-operations/
-
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft
A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to >>remove verification popups<>generate 2FA codes,<< its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […] The…
-
Ohne Google oder Microsoft arbeiten: Wie gut ist europäische Software im Alltag?
First seen on t3n.de Jump to article: t3n.de/news/wie-gut-ist-europaeische-software-im-alltag-1728129/
-
260K+ Chrome Users Duped by Fake AI Browser Extensions
30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/chrome-fake-ai-browser-extensions
-
Leaky Chrome extensions with 37M installs caught divulging your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…