< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 11 of 30

Google patches two Chrome zero-days exploited in attacks

🔒 Google released emergency updates to address two Chrome zero-day vulnerabilities exploited in the wild. The first, CVE-2026-3909, is an out-of-bounds write in the Skia rendering library that can cause crashes or enable code execution; the second, CVE-2026-3910, is an inappropriate implementation issue in the V8 JavaScript/WebAssembly engine. Updates for Chrome Stable are rolling on Windows, macOS, and Linux; users should update promptly. If automatic updates are enabled, the patch will install on next launch.
read more →

Why Context Matters for AI Data Security with SDP Now

🔒 Google Cloud’s Sensitive Data Protection (SDP) now applies advanced AI context classifiers and image object detectors to identify and redact sensitive content across text and images. It detects medical and financial contexts, faces, passports, credit cards, and other PII, and can generate redacted versions so organizations keep valuable training data while protecting privacy. SDP supports both Vertex AI tuning and live agent interactions and integrates with Model Armor, Security Command Center, and contact center solutions.
read more →

Reduce 429 Errors and Build Resilient Vertex AI Apps

⚠️ Building LLM applications on Vertex AI can trigger 429 errors when request rates exceed available throughput, degrading user experience and increasing retries. This article explains consumption options—Standard and Priority PayGo, Provisioned Throughput, Flex PayGo, and Batch—and prescribes five operational practices: smart retries, global model routing, context caching, prompt optimization, and traffic shaping. Combining these approaches (for example PT for critical real-time traffic and Batch for latency-tolerant jobs) helps preserve performance and control costs.
read more →

Google paid $17.1M to security researchers in 2025

💰 Google paid $17.1 million to 747 security researchers in 2025 through its Vulnerability Reward Program, an all-time annual high and more than a 40% increase over 2024. The company said it has awarded over $81.6 million in bounties since 2010, with the top single reward reaching $250,000. In 2025 Google launched an AI Vulnerability Rewards Program, added AI-focused categories to the Chrome VRP, and introduced a rewards track for OSV-SCALIBR. Program-specific payouts included Android & Google Devices (~$2.9M), Chrome (~$3.72M), and Cloud (~$3.57M).
read more →

GSEC Summit 2026: Building Safer, Balanced Teen Experiences

🛡️ At the Growing Up in the Digital Age Summit in Dublin, Google presented product safeguards and policy principles designed to support teen digital wellbeing, emphasizing defaults like SafeSearch and private YouTube uploads as baseline protections. The company announced improvements to Family Link, a unique option to set Shorts time to zero for supervised teens, and additional Gemini Apps guardrails for users under 18. It also unveiled a $20 million global initiative to create multilingual, open-source wellbeing resources and urged a risk-based approach to age assurance rather than blanket bans.
read more →

Attackers Abusing Cloud Services to Breach Enterprises

🔐 Attackers increasingly leverage trusted cloud platforms and SaaS APIs to blend malicious activity into routine enterprise traffic. Campaigns such as Gridtide and SesameOp demonstrate adversaries using Google Sheets, OpenAI APIs and cloud storage as covert command-and-control and staging vectors. By operating through legitimate identity systems, management consoles, and ephemeral serverless functions, attackers evade network defenses and static blocklists. The result is harder detection, easier credential harvesting, and persistent access across hybrid environments.
read more →

Google Named Leader in IDC MarketScape for SLG Security

🔒 Google has been named a Leader in the IDC MarketScape: U.S. State and Local Government Professional Security Services 2025–2026 assessment. The recognition highlights Mandiant integration with Gemini AI and Google’s secure, AI-optimized infrastructure to accelerate detection rule generation, attacker script analysis, and incident investigations. The report also notes Mandiant’s full incident lifecycle support—including crisis communications, legal coordination, and board-level reporting—delivered across engagements with Fairfax County, the State of Nevada, and the University of Hawaii.
read more →

Chrome Extensions Turn Malicious After Ownership Transfer

🔒 Two Google Chrome extensions were modified following apparent ownership transfers, allowing attackers to remotely deliver JavaScript payloads, inject code, and harvest sensitive data from users. The affected extensions — QuickLens (~7,000 users) and ShotBird (~800 users) — changed owners in early 2026 and began polling C2 servers for runtime payloads. The update to QuickLens stripped security headers to bypass cross-origin protections, while ShotBird used a fake Chrome-update lure to pivot from browser compromise to host-level execution. Users should remove these extensions, audit browsers, and enterprises should treat extensions as supply-chain risk.
read more →

Build Multimodal AI Agents in the Gemini Live Challenge

🤖 Join the Gemini Live Agent Challenge to build immersive, multimodal AI agents that perceive and respond using speech, vision, and structured data. Get hands-on access to the Gemini Live API, the Agent Development Kit (ADK), Quickstarts, tutorials, and webinars to prototype real-time translators, creative storytellers, or visual UI navigators. Compete for a share of $80,000 in prizes, Google Cloud credits, and opportunities to present at Google Cloud Next ’26. Submissions must use a Gemini model and at least one Google Cloud service; the deadline is March 16, 2026.
read more →

Ultimate Prompting Guide for Nano Banana Models: Tips

🟡 This guide introduces Nano Banana image models—built on the Gemini 3 family—and explains how they combine deep reasoning and live web search to produce precise visuals. It summarizes technical specifications (context windows, resolutions, aspect ratios, supported inputs/outputs), practical prompting best practices, five prompting frameworks, and integration patterns with Veo and Lyria. The guide also highlights multilingual text rendering, provenance safeguards, and workflow tips for creative and production use.
read more →

Google AI updates: Gemini 3.1, Nano Banana 2, and more

🚀 February highlights include new models, tools, and global partnerships. Google introduced Gemini 3.1 Pro and an upgraded Deep Think variant for scientific and engineering problems, alongside visual models such as Nano Banana 2 and creative tools like Lyria 3 and Flow improvements. The company emphasized impact at the AI Impact Summit and announced investments, national partnerships in India, and updates to content-identification tools like SynthID, with access pathways for developers, enterprises, and consumers.
read more →

GTIG: 90 Zero-Day Exploits Observed in 2025, Enterprise Hit

🔐 Google Threat Intelligence Group (GTIG) reports 90 zero-day vulnerabilities were actively exploited in 2025, a 15% increase from 2024. Nearly half targeted enterprise products such as security appliances, networking gear, VPNs, and virtualization platforms. Memory-safety issues comprised 35% of exploited flaws, and commercial spyware vendors overtook state actors as the top zero-day consumers. Google recommends reducing attack surface, continuous monitoring, and rapid patching to detect and contain exploitation.
read more →

Coruna iOS exploit kit moves from surveillance to crime

🔒Researchers at Google’s Threat Intelligence Group uncovered Coruna, a sophisticated iOS exploit kit composed of five exploit chains and 23 individual exploits that migrated from a commercial surveillance customer to suspected state and criminal operators within months. The framework resurfaced with UNC6353 on compromised Ukrainian sites and later powered mass attacks by China-based UNC6691 on fake financial pages. Its payload, tracked as Plasmagrid, injects into the root powerd daemon to exfiltrate cryptocurrency wallets, seed phrases and QR codes. GTIG urges immediate iOS updates, enabling Lockdown Mode where updates are impossible, and has published IoCs on VirusTotal.
read more →

2025 Zero-Day Review: Enterprise Rise and CSV Growth

🛡️ Google Threat Intelligence Group's 2025 review found 90 zero-day vulnerabilities exploited in the wild, down from 2023 but above 2024. Enterprise technologies accounted for a record 48% of zero-days, driven by attacks on networking and security appliances, while browser exploitation fell to historic lows. GTIG highlights growing involvement of commercial surveillance vendors and expanded financially motivated use of zero-days. Defenders are urged to prioritize segmentation, inventory, and rapid mitigation.
read more →

Coruna Exploit Kit Targets Older iPhones in Campaigns

🔐 Researchers at Google's Threat Intelligence Group disclosed the Coruna exploit kit, a complex toolkit that compromises Apple iPhones running iOS 13.0 through 17.2.1 using multiple chained vulnerabilities. The framework contains five full exploit chains and 23 distinct flaws, and includes device fingerprinting, automatic WebKit exploit selection and mitigation bypasses. A final-stage loader called PlasmaLoader focuses on extracting financial data such as QR codes and cryptocurrency recovery phrases. Google recommends updating to the latest iOS release or enabling Lockdown Mode when updates aren’t possible.
read more →

Google Chrome moves to two-week stable release cycle

🔁 With the release of Chrome 153 on September 8, Google will move from a four-week to a two-week release cadence for both beta and stable channels on Desktop, Android, and iOS. Dev and Canary channels remain on their current schedules while an eight-week Extended Stable branch will be preserved for enterprise customers. Google says smaller, more frequent milestones will reduce disruption and simplify post-release debugging. Users can expect more frequent feature rollouts and occasional restart prompts, and weekly security updates will continue under the August 2023 model.
read more →

Coruna: Powerful iOS Exploit Kit and Its Proliferation

🔍 Google Threat Intelligence Group describes Coruna, a sophisticated iOS exploit kit containing five full exploit chains and 23 exploits that target iOS 13.0 through 17.2.1. The kit combines WebKit RCEs, PAC/PPL bypasses, and a root-capable loader called PlasmaLoader that exfiltrates financial data and cryptocurrency wallet information. GTIG observed deployments by both suspected state-backed and financially motivated actors and added affected domains to Safe Browsing. Users are urged to update iOS or enable Lockdown Mode if updates are not possible.
read more →

OAuth redirect abuse lets phishers hide malicious pages

🔗 Microsoft warns attackers are abusing a legitimate OAuth redirect behavior to send victims from trusted identity-provider endpoints—like Microsoft Entra ID and Google Workspace—to attacker-controlled landing pages. Phishing lures such as e-signature requests, HR notices, Teams invites and password resets embed links that point to real authorization endpoints but use broken parameters (for example, prompt=none plus invalid scopes) so the provider silently redirects to a malicious URI. Microsoft has disabled multiple malicious OAuth apps, published client IDs and initial redirect IOCs, and supplied KQL hunting queries for Defender XDR customers. Analysts say the old advice to “hover and check the link” is no longer sufficient and urge validating context and tightening OAuth governance.
read more →

Google Announces MCP Toolbox Java SDK for Databases

🧰 The new Java SDK for the Model Context Protocol (MCP) Toolbox for Databases delivers type-safe, production-grade agent orchestration for Java and Spring Boot environments. It integrates with 42+ data sources, including AlloyDB, Cloud SQL, and Cloud Spanner, and simplifies secure, parameterized mappings from natural language intents to database operations. The SDK is designed for stateful, high-concurrency transactional agents and leverages Application Default Credentials for zero-config security.
read more →

Google Patches Android Zero-Day in Qualcomm Display

🔒 Google released March 2026 Android updates addressing 129 security flaws, including an actively exploited zero-day, CVE-2026-21385, in a Qualcomm display Graphics subcomponent. Qualcomm says the bug is an integer overflow/wraparound that local attackers can use to trigger memory corruption. Google also fixed 10 critical System/Framework/Kernel vulnerabilities and published two patch levels (2026-03-01 and 2026-03-05); Pixel devices receive fixes immediately while other vendors may take longer to roll them out.
read more →