< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 12 of 30

Google Confirms Exploited Qualcomm Graphics Flaw in Android

⚠ Google confirmed that CVE-2026-21385, a high-severity buffer over-read in a Qualcomm graphics component used on Android devices, has been observed exploited in the wild. Qualcomm characterizes the defect as an integer overflow that permits memory corruption when user-supplied data is written without checking buffer space. The issue (CVSS 7.8) was reported to Qualcomm by Google's Android Security team on December 18, 2025, and customers were notified on February 2, 2026. Google’s March 2026 security bulletin includes this fix among 129 patches and notes indications of limited, targeted exploitation.
read more →

Chrome WebView Flaw Allowed Malicious Extension Abuse

🔒 Google patched a high-severity WebView policy enforcement bug, CVE-2026-0628 (CVSS 8.8), in early January 2026 that could let a malicious extension inject scripts or HTML into the browser's new Gemini side panel. Discovered by Palo Alto Networks Unit 42 researcher Gal Weizman, the flaw could have enabled privilege escalation to access local files, take screenshots, and turn on camera or microphone without consent. The fix shipped in Chrome 143.0.7499.192/.193 (Windows/Mac) and 143.0.7499.192 (Linux).
read more →

Google unveils Merkle Tree Certificates for Post‑Quantum TLS

🔐 Google is developing Merkle Tree Certificates (MTCs) in Chrome to make HTTPS certificates resilient to future quantum attacks while avoiding the bandwidth cost of adding post‑quantum algorithms to traditional X.509 chains. Working with Cloudflare and the PLANTS working group, Chrome proposes a model where a CA signs a single tree head and browsers receive lightweight proofs of inclusion. Google is running a feasibility study (Phase 1), plans to invite compatible Certificate Transparency logs in Q1 2027 (Phase 2), and aims to finalize requirements and launch a Chrome Quantum‑resistant Root Store (CQRS) and MTC-only root program by Q3 2027.
read more →

Chrome adopts Merkle Tree Certificates for quantum HTTPS

🔐 Chrome has launched an initiative to protect HTTPS from future quantum threats by redesigning certificate mechanics with Merkle Tree Certificates (MTCs). Rather than enlarging X.509 certificates, MTCs use compact Merkle proofs and a single signed tree head to authenticate sites, reducing TLS handshake data and embedding transparency into issuance. Chrome is testing MTCs with Cloudflare and plans a phased rollout through 2027.
read more →

Chrome Gemini Vulnerability Allowed Extension Hijack

🛡 Unit 42 discovered CVE-2026-0628, a high-severity flaw in Chrome's new Gemini Live panel that allowed extensions with only declarativeNetRequest permissions to inject JavaScript into the privileged panel context. That injection could escalate extension privileges to access camera and microphone, read local files, take screenshots and render phishing content inside a trusted browser UI. Google was notified on 2025-10-23 and issued a patch in early January 2026. Palo Alto Networks recommends mitigations such as Prisma Browser and related protections.
read more →

Agentic Autonomous Networks at MWC 2026 — Platform Advances

🚀 At MWC Barcelona, Google Cloud outlines a shift from AI-driven insights to agentic telco operations, showcasing tools that embed AI into network control to achieve Level 4–5 autonomy. The company highlights a dynamic network digital twin, a unified graph data layer using Spanner Graph and BigQuery, and real-time GNN predictions in Vertex AI. New open-source telco data pipelines and two proof-of-value agents — a data steward and autonomous network agents — aim to accelerate trials and reduce legacy bottlenecks.
read more →

Thousands of Google Cloud API Keys Expose Gemini Access

⚠️ Truffle Security found nearly 3,000 Google Cloud API keys (prefix "AIza") embedded in client-side code that can now authenticate to Gemini endpoints when a project enables the Generative Language API. Attackers scraping sites can use exposed keys to access uploaded files, cached contents, and make LLM calls that charge victims' accounts. Google says it has implemented measures to detect and block leaked keys and advises rotating and restricting exposed keys.
read more →

Silent Google API Key Change Exposed Gemini AI Data

🔒 Researchers at Truffle Security discovered that Google Cloud API keys, historically described as simple billing identifiers (prefix Aiza), began functioning as authentication tokens for embedded Gemini AI instances. A Common Crawl scan in November found 2,863 live, publicly exposed keys, including from major firms and Google itself, which could be used to retrieve uploaded files, cached context, or to consume API quota and incur charges. Google confirmed the issue after disclosure, restricted affected keys, and advises administrators to audit and rotate keys.
read more →

Chrome: Merkle Tree Certificates for quantum-safe HTTPS

🔐 Chrome announces a staged program to support quantum-resistant HTTPS by adopting Merkle Tree Certificates (MTCs), which replace long X.509 signature chains with compact Merkle inclusion proofs. The approach reduces bandwidth costs and decouples cryptographic strength from transmitted size, preserving TLS performance. Chrome is testing MTCs with Cloudflare and plans phased deployment with a new Chrome Quantum-resistant Root Store.
read more →

Polyglot Storage for Chatbot Memory on Google Cloud

🧠 This article describes a polyglot storage pattern on Google Cloud to preserve conversational continuity for scaled chatbots. It recommends Memorystore for Redis for sub‑millisecond short‑term context, Cloud Bigtable as a petabyte‑scale mid‑term system of record, and BigQuery for long‑term archival and analytics. The design delegates unstructured artifacts to Cloud Storage and uses an async pipeline to balance low latency and durable persistence. Practical configuration and migration pointers help teams implement responsive, analyzable agent memory.
read more →

Combat API Sprawl with Apigee API Hub Integration Now

🤖 Apigee API Hub and API Gateway now integrate to centralize dispersed API metadata and make specs agent-ready. A new API Gateway–API Hub sync brings OpenAPI definitions and gateway configurations into a single control plane without changing existing services or client behavior. The spec boost add-on analyzes gaps and produces a specboost-draft that enriches specs with examples, parameter validation, and error details. Teams can review boosted and original specs side-by-side before adopting changes.
read more →

How Google Addresses Critical Security Topics, 2026

🛡️ Royal Hansen, VP Engineering at Google, outlines how Google Cloud is confronting emergent cybersecurity risks as AI reshapes the threat landscape. He emphasizes AI-powered malware, supply-chain and training-data poisoning, and governance challenges tied to loss-of-control of AI infrastructure. Google is advancing controls—tamper-proof provenance, model-level protections, Identity and Access Management, and treating prompts like code—while rolling out agentic workflows to augment SOC teams. The post also consolidates recent threat intelligence, incident responses, and practitioner resources.
read more →

Exposed Google API keys can now reveal Gemini AI data

🔓 Google Cloud API keys that were once treated as non-sensitive can now authenticate to the Gemini generative AI assistant, creating a new attack path where keys embedded in client-side JavaScript expose private assistant data. TruffleSecurity discovered nearly 2,800 live, publicly accessible keys across sectors — including financial firms and a Google product — by scanning the November 2025 Common Crawl. Attackers who copy exposed keys can call Gemini endpoints to retrieve data or generate costly API usage; developers should audit projects for the Generative Language API, rotate exposed keys immediately, and use detection tools to prevent abuse.
read more →

Spanner Columnar Engine Preview: Serving Iceberg Lakehouses

🚀 The preview of the Spanner columnar engine enables low-latency serving of Apache Iceberg lakehouse data with Spanner’s horizontal scale and strong consistency. It adds a columnar storage layer and vectorized execution to accelerate analytical scans — Google cites up to 200× faster scans — while isolating heavy analytical queries from transactional workloads. The feature supports on-demand columnar conversion, automatic query routing, and reverse ETL integrations with BigQuery, Databricks, Snowflake and Oracle to make curated analytical data available for real-time applications.
read more →

PayPal Completes Historic Migration to BigQuery for AI

🚀 PayPal completed a multi-year, large-scale migration of more than 300 petabytes of analytics data into BigQuery on Google Cloud to create a unified data foundation for generative AI. The initiative consolidated disparate platforms — including Teradata, Hadoop, Redshift, and Snowflake — and reduced vendor complexity. PayPal automated migration tasks, used live dashboards, and integrated FinOps to maintain zero business downtime while enabling faster queries and much fresher data for AI model training.
read more →

Nano Banana 2 Brings Pro-Level Image AI to Enterprise

🖼️ Nano Banana 2 is Google’s latest image-generation and editing model, delivering Pro-level image quality and fast iteration for enterprise creative workflows. Powered by real-time web search and integrated with Gemini API in Vertex AI, it provides accurate, localized visuals plus premium features like text rendering, translations, and upscaling to 2K/4K. Enterprise-ready provenance is supported via SynthID and interoperable C2PA Content Credentials to surface how AI was used.
read more →

Google Disrupts Prolific China-Linked UNC2814 Campaign

🔒 Google Threat Intelligence Group (GTIG) and partners disrupted UNC2814, a prolific cyber-espionage campaign with suspected links to China that operated since 2017 and targeted governments and telecommunications across multiple continents. Researchers identified a novel backdoor, GridTide, which abused Google Sheets as a covert command-and-control channel to execute shell commands and transfer files. Google terminated attacker-controlled Cloud Projects, disabled accounts, revoked Sheets API access used for C2, and has notified victims while offering remediation support.
read more →

China-linked Hackers Used Google Sheets for Espionage

🛡️ Google disrupted a China-linked espionage group that repurposed Google Sheets as a covert command-and-control channel to manage a custom backdoor tracked as UNC2814 and named GRIDTIDE. The backdoor abused legitimate Sheets API calls to send commands, retrieve stolen data, poll spreadsheets frequently, and wipe rows to erase traces. Mandiant flagged unusual activity on a CentOS server, leading to discovery of intrusions at 53 organizations across 42 countries focused on telecoms and government systems. Google terminated attacker Cloud projects, revoked API access, sinkholed domains, and published IOCs.
read more →

Android expands AI-powered scam protections to devices

🔒 Android is expanding its AI-driven Scam Detection protections for calls and messages, bringing on-device Gemini models to more Pixel and Samsung Galaxy devices. A real-world example describes a Pixel user who avoided a convincing bank scam after receiving a timely Scam Detection warning during the call. Google Messages protections now cover 20+ countries and multiple languages and have improved detection for sophisticated threats like job-offer and romance “pig butchering” scams. Processing occurs on-device, data aren’t stored or shared, and the feature is off by default and excluded for contacts.
read more →

Google Disrupts UNC2814 GRIDTIDE Campaign Targeting Telcos

🔒 Google and industry partners disrupted infrastructure used by suspected China-linked espionage group UNC2814, which deployed a C-based backdoor named GRIDTIDE that abuses the Google Sheets API to conceal command-and-control traffic. GRIDTIDE supports file upload/download and arbitrary shell execution and was observed on endpoints containing PII. Google terminated attacker-controlled Cloud projects, disabled abused accounts, and is notifying impacted organizations while offering support.
read more →