Tag: google

New Keenadu backdoor found in Android firmware, Google Play apps

Feb 17, 2026 3:58 PM

Tags: android, backdoor, control, firmware, google, malware

A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
Update Chrome now: Zero-day bug allows code execution via malicious webpages

Feb 17, 2026 2:58 PM

Tags: browser, chrome, exploit, google, malicious, update, zero-day

Google has released an emergency update to patch an actively exploited zero-day”, the first Chrome zero-day of the year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/
Murena: Volla Tablet mit Google-freiem /e/OS erhältlich

Feb 17, 2026 2:58 PM

Tags: android, google

Nach Ubuntu Touch und Volla OS kann nun auch das Android-ROM /e/OS ohne Google-Dienste auf dem Volla-Tablet installiert werden. First seen on golem.de Jump to article: www.golem.de/news/murena-volla-tablet-mit-google-freiem-e-os-erhaeltlich-2602-205501.html
Contrast ADR for Google Security Operations

Feb 17, 2026 8:58 AM

Tags: detection, google, intelligence

<div cla Contrast Security has announced the availability of a new integration between Contrast ADR and Google Security Operations. This collaboration provides security operations centers (SOCs) with high-fidelity runtime application intelligence to accelerate detection and response to sophisticated application-layer threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/contrast-adr-for-google-security-operations/
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft

Feb 17, 2026 8:58 AM

Tags: 2fa, authentication, browser, business, chrome, cyber, google, malicious, mfa, theft, tool

A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to >>remove verification popups<>generate 2FA codes,<< its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […] The…
Ohne Google oder Microsoft arbeiten: Wie gut ist europäische Software im Alltag?

Feb 17, 2026 8:58 AM

Tags: google, microsoft, software

First seen on t3n.de Jump to article: t3n.de/news/wie-gut-ist-europaeische-software-im-alltag-1728129/
260K+ Chrome Users Duped by Fake AI Browser Extensions

Feb 16, 2026 3:58 PM

Tags: ai, browser, chrome, google

30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/chrome-fake-ai-browser-extensions
Leaky Chrome extensions with 37M installs caught divulging your browsing history

Feb 16, 2026 1:58 PM

Tags: browser, chrome, cloud, container, detection, docker, encryption, google, malicious, network, privacy

Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
Google patches Chrome zero-day as in-the-wild exploits surface

Feb 16, 2026 1:58 PM

Tags: browser, chrome, exploit, flaw, google, malicious, zero-day

High-severity CSS flaw let malicious webpages run code inside the sandbox First seen on theregister.com Jump to article: www.theregister.com/2026/02/16/chromes_zeroday/
Leaky Chrome extensions with 37M installs caught shipping your browsing history

Feb 16, 2026 12:58 PM

Tags: browser, chrome, cloud, container, detection, docker, encryption, google, malicious, network, privacy

Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day

Feb 16, 2026 12:58 PM

Tags: browser, chrome, exploit, google, vulnerability, zero-day

A high severity vulnerability in Google Chrome and allows remote attackers to execute code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-patches-new-in-wild-chrome/
Google fixes first actively exploited Chrome zero-day of 2026

Feb 16, 2026 11:58 AM

Tags: browser, chrome, cve, exploit, flaw, google, update, vulnerability, zero-day

Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-day vulnerability, tracked as CVE-2026-2441, in Chrome that is already being exploited in real-world attacks. The flaw is a use-after-free bug in the browser’s CSS component. This is the first…
Google patches Chrome vulnerability with inwild exploit (CVE-2026-2441)

Feb 16, 2026 11:58 AM

Tags: browser, chrome, exploit, google, update, vulnerability

Google released a security update for Chrome to address a high-severity zero”‘day vulnerability (CVE-2026-2441) on Friday. >>Google is aware that an exploit for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/16/google-patches-chrome-vulnerability-with-in-the-wild-exploit-cve-2026-2441/
Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix

Feb 16, 2026 10:58 AM

Tags: ai, cybersecurity, data, google, guide, hacker, malware

Cybersecurity experts at Moonlock Lab have discovered a new ClickFix attack. Hackers are using hijacked Google Ads and fake Claude AI guides to trick Mac users into installing the data-stealing MacSync malware. First seen on hackread.com Jump to article: hackread.com/google-ads-claude-ai-macsync-malware-clickfix/
Android 17 beta brings privacy, security, and performance changes

Feb 16, 2026 10:58 AM

Tags: android, google, privacy

Google has released the first beta of Android 17, giving developers an early view of changes to core app behavior, platform tooling, performance, media handling, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/16/android-17-beta-changes-privacy-security/
Google patches first Chrome zero-day exploited in attacks this year

Feb 16, 2026 9:58 AM

Tags: attack, browser, chrome, exploit, flaw, google, update, vulnerability, zero-day

Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-patches-first-chrome-zero-day-exploited-in-attacks-this-year/
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack, Patch Released

Feb 16, 2026 8:58 AM

Tags: attack, browser, chrome, cve, exploit, flaw, google, update, vulnerability, zero-day

Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild.The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on…
Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug

Feb 16, 2026 8:58 AM

Tags: browser, chrome, computer, cve, exploit, flaw, google, update, vulnerability

A critical security vulnerability, CVE-2026-2441, has prompted an urgent out-of-band update for Google Chrome after confirmation that the flaw is being actively exploited. The Hong Kong Computer Emergency Response Team (HKCERT) alerted users to the flaw on 16 February 2026. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-2441-google-chrome/
Chrome 0-Day Enables Remote Code Execution in Ongoing Campaign

Feb 16, 2026 6:58 AM

Tags: browser, chrome, cyber, exploit, google, linux, macOS, remote-code-execution, update, vulnerability, windows, zero-day

Google has released an urgent security update for the Chrome desktop web browser to address a severe high-severity vulnerability that is currently being exploited in the wild. The search giant rolled out the fix on Friday, updating the Stable channel to version 145.0.7632.75/.76 for Windows and macOS users, and version 144.0.7559.75 for Linux users. This…
CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

Feb 15, 2026 5:58 PM

Tags: credentials, google, group, linux, malicious, malware, service, windows

CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized “Ninja Browser.” The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ctm360-lumma-stealer-and-ninja-browser-malware-campaign-abusing-google-groups/
Google-Statistik zeigt: 40 Prozent aller Android-Smartphones erhalten keine Sicherheitsupdates mehr

Feb 15, 2026 8:58 AM

Tags: android, google

First seen on t3n.de Jump to article: t3n.de/news/google-statistik-zeigt-40-prozent-aller-android-smartphones-erhalten-keine-sicherheitsupdates-mehr-1728678/
Suspected Russian hackers deploy CANFAIL malware against Ukraine

Feb 14, 2026 12:58 PM

Tags: apt, attack, defense, google, government, group, hacker, intelligence, malware, military, russia, service, threat, ukraine

A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional…
Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Feb 13, 2026 9:58 PM

Tags: attack, google, LLM, macOS, malware, threat

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/claude-llm-artifacts-abused-to-push-mac-infostealers-in-clickfix-attack/
Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Feb 13, 2026 9:58 PM

Tags: attack, google, LLM, macOS, malware, threat

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/claude-llm-artifacts-abused-to-push-mac-infostealers-in-clickfix-attack/
State Hackers Turn Google AI Into Attack Acceleration Tool

Feb 13, 2026 7:58 PM

Tags: ai, attack, china, cyberattack, exploit, google, hacker, intelligence, iran, korea, malware, north-korea, social-engineering, tool

China, Iran, North Korea Hackers Exploit Gemini Across Attack Life Cycle. State-backed hackers weaponized Google’s artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/state-hackers-turn-google-ai-into-attack-acceleration-tool-a-30751
State Hackers Turn Google AI Into Attack Acceleration Tool

Feb 13, 2026 7:58 PM

Tags: ai, attack, china, cyberattack, exploit, google, hacker, intelligence, iran, korea, malware, north-korea, social-engineering, tool

China, Iran, North Korea Hackers Exploit Gemini Across Attack Life Cycle. State-backed hackers weaponized Google’s artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/state-hackers-turn-google-ai-into-attack-acceleration-tool-a-30751
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Feb 13, 2026 6:58 PM

Tags: attack, defense, google, government, group, intelligence, malware, military, russia, threat, ukraine

A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL.Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and First seen on…
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

Feb 13, 2026 6:58 PM

Tags: china, cyber, defense, google, group, intelligence, iran, korea, north-korea, russia, threat

Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG).The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense…
Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet

Feb 13, 2026 2:58 PM

Tags: access, attack, corporate, cyber, exploit, google, malicious, microsoft, monitoring, phishing, social-engineering, tool, update

An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “software updates,” which are, in reality, digitally signed remote monitoring and management (RMM) tools that grant attackers full remote access to…
Google fears massive attempt to clone Gemini AI through model extraction

Feb 13, 2026 1:58 PM

Tags: access, ai, api, attack, china, ciso, cybercrime, cybersecurity, defense, exploit, google, government, group, hacker, intelligence, iran, jobs, korea, LLM, malicious, malware, north-korea, phishing, russia, service, social-engineering, threat, vulnerability

Nation-state groups used Gemini to accelerate attack operations: Google sees itself not just as a potential victim of AI cybercrime, but also an unwilling enabler. Its report documented how government-backed threat actors from China, Iran, North Korea, and Russia integrated Gemini into their operations in late 2025. The company said it disabled accounts and assets…