< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 21 of 30

Google fixes new Chrome zero-day exploited in attacks

🔒 Google released an emergency update to address a newly discovered Chrome zero-day, CVE-2025-13223, which is being actively exploited. The high-severity flaw stems from a type confusion vulnerability in Chrome's V8 JavaScript engine and was reported by Clement Lecigne of Google's Threat Analysis Group. Patches are available in versions 142.0.7444.175/.176 for Windows, 142.0.7444.176 for macOS, and 142.0.7444.175 for Linux; users should check About Google Chrome and relaunch to apply the update.
read more →

Google Chrome fixes actively exploited V8 type bug

🛡️ Google has released emergency Chrome updates addressing two V8 engine type confusion flaws, including an actively exploited vulnerability tracked as CVE-2025-13223 (CVSS 8.8) that can lead to arbitrary code execution or crashes. The patch also fixes CVE-2025-13224 flagged by Google's AI agent Big Sleep and completes a set of seven zero-days addressed this year. Users should update Chrome to 142.0.7444.175/.176 (Windows/macOS/Linux) and apply fixes for other Chromium-based browsers when available.
read more →

Google Gemini 3 Appears on AI Studio Ahead of Release

🤖 Google’s Gemini 3 has been spotted in AI Studio, suggesting an imminent rollout that could begin within hours or days. The AI Studio entry references how temperature influences reasoning — noting "For Gemini 3, best results at default 1.0. Lower values may impact reasoning" — and highlights controls such as context size and temperature. Earlier sightings on Vertex AI show a preview build named gemini-3-pro-preview-11-2025, while Google is also testing an image model codenamed GEMPIX2 (Nano Banana 2).
read more →

Google announces Dhivaru subsea cable and regional hubs

📡 Google announced Dhivaru, a new Trans-Indian Ocean subsea cable linking the Maldives, Christmas Island, and Oman, and will build two new connectivity hubs in the Maldives and Christmas Island. The investment builds on the Australia Connect initiative and aims to improve reach, reliability, and resilience across the Indian Ocean, supporting AI services such as Vertex AI. The hubs will provide cable switching, content caching, and colocation to reduce latency, improve availability, and support local ecosystems.
read more →

Analysis of UNC1549 TTPs Targeting Aerospace & Defense

🔍 This joint analysis from Google Threat Intelligence and Mandiant describes UNC1549 activity observed from late 2023 through 2025 against aerospace, aviation, and defense organizations. The group commonly exploited trusted third‑party relationships, VDI breakouts, and highly targeted spear phishing to gain access, then deployed custom backdoors and tunneling tools to maintain stealth. The report provides IOCs, YARA rules, and detection guidance for Azure and enterprise environments.
read more →

Why Attackers Are Phishing Over LinkedIn in 2025: Risks

🔒 LinkedIn has emerged as a major vector for phishing, with a growing share of attacks moving off email and onto social and messaging platforms. Attackers exploit in‑app DMs, account takeovers, and AI automation to target executives and high‑value roles, often aiming to compromise SSO providers such as Microsoft Entra and Google Workspace. Because these messages bypass traditional email security and lack inbox quarantine tools, browser-based defenses and SSO/MFA hygiene are recommended to detect and block evasive campaigns. The article outlines five reasons this shift increases enterprise risk.
read more →

Production-Ready AI with Google Cloud Learning Path

🚀 Google Cloud has launched the Production-Ready AI Learning Path, a free curriculum designed to guide developers from prototype to production. Drawing on an internal playbook, the series pairs Gemini models with production-grade tools like Vertex AI, Google Kubernetes Engine, and Cloud Run. Modules cover LLM app development, open model deployment, agent building, security, RAG, evaluation, and fine-tuning. New modules will be added weekly through mid-December.
read more →

Hands-on with Gemma 3: Deploying Open Models on GCP

🚀 Google Cloud introduces hands-on labs for Gemma 3, a family of lightweight open models offering multimodal (text and image) capabilities and efficient performance on smaller hardware footprints. The labs present two deployment paths: a serverless approach using Cloud Run with GPU support, and a platform approach using GKE for scalable production environments. Choose Cloud Run for simplicity and cost-efficiency or GKE Autopilot for control and robust orchestration to move models from local testing to production.
read more →

Google to Flag Android Apps for Excessive Battery Use

🔋 Google will begin flagging Android apps on Google Play that show high background activity and cause excessive battery drain. The change centers on a new Android Vitals metric called excessive partial wake locks, and apps that cross the bad-behavior threshold may be labeled as battery drainers and lose prominence in discovery surfaces. Developers will receive alerts in their Android Vitals dashboard and have until March 1, 2026 to remediate issues.
read more →

Advancing Text-to-SQL: Gemini's BIRD Benchmark Breakthrough

🚀 Google Cloud reports a new state-of-the-art Single Trained Model Track score on the BIRD benchmark, achieving 76.13 with a fine-tuned Gemini 2.5-pro. The team credits rigorous data filtering, multitask supervised fine-tuning, and test-time self-consistency selection for the gains. These improvements bolster NL2SQL features in AlloyDB AI and BigQuery, and enhance developer tooling such as Gemini Code Assist for reliable SQL generation.
read more →

Google reverses Android developer verification plan

🔁 Google has softened its planned Developer Verification requirements after widespread backlash, saying it will create a dedicated account type for limited app distribution and an advanced sideloading flow for experienced users. The original rule would have blocked installation of apps from unverified developers on certified devices beginning in 2026. Google says these changes respond to concerns from students, hobbyists, and power users who need accessible or higher-risk pathways to install apps.
read more →

Google Sues to Dismantle 'Lighthouse' Smishing Kit

🛡️ Google has filed a civil lawsuit in the Southern District of New York to dismantle Lighthouse, a phishing-as-a-service kit used to power large-scale SMS phishing (smishing) campaigns. The company says the kit — likely run from China and marketed on Telegram — offered more than 600 templates mimicking over 400 organizations and targeted more than one million people across 121 countries. Google is pursuing legal remedies and supporting new legislation while deploying technical protections such as AI-powered scam flagging and expanded account recovery options.
read more →

Google Asks US Court to Shut Down Lighthouse Phishing

🛡️ Google has asked a US court to dismantle infrastructure used by the Lighthouse phishing‑as‑a‑service operation after identifying at least 107 sign‑in templates that mimic Google branding. The service is marketed to attackers who send smishing links and host fraudulent sign‑in pages to harvest credentials. Google also urged Congress to consider GUARD, Foreign Robocall Elimination and SCAM bills to bolster enforcement and funding. The company declined additional comment.
read more →

Google Sues to Dismantle Lighthouse Phishing Platform

⚖️ Google has filed a lawsuit to dismantle the Lighthouse phishing‑as‑a‑service platform accused of enabling global SMS phishing (“smishing”) that impersonates USPS and toll providers. The company says Lighthouse has impacted more than 1 million victims in 120 countries and that similar scams may have exposed up to 115 million U.S. payment cards between July 2023 and October 2024. Google’s complaint invokes federal racketeering, trademark, and computer fraud laws and seeks to seize the infrastructure hosting fraudulent templates that even mimic Google sign‑in screens.
read more →

Google Sues to Dismantle Lighthouse Phishing Platform

🛡️ Google has filed a lawsuit seeking to dismantle Lighthouse, a China-linked phishing-as-a-service platform accused of powering global SMS phishing ("smishing") campaigns that impersonate USPS and E-ZPass. Google says Lighthouse has impacted more than 1 million victims across 120 countries and that phishing templates even display Google's branding to trick users. The company is pursuing federal claims including RICO, the Lanham Act, and the CFAA while expanding AI and product protections.
read more →

BigQuery AI Functions: Reimagining SQL for the AI Era

🤖 BigQuery is introducing managed AI functions in public preview — AI.IF, AI.CLASSIFY, and AI.SCORE — that let analysts apply generative AI directly inside SQL queries. These functions enable semantic filtering and joins, label-based classification of text and images, and natural-language ranking, while BigQuery applies prompt, query-plan, and endpoint optimizations to reduce LLM calls and control cost. They complement existing Gemini inference functions and remove much of the need for complex prompt tuning or separate model selection, making AI-driven analytics more accessible within familiar SQL workflows.
read more →

Emerging Threats Center in Google Security Operations

🛡️ The Emerging Threats Center in Google Security Operations uses the Gemini detection‑engineering agent to turn frontline intelligence from Mandiant, VirusTotal, and Google into actionable detections. It generates high‑fidelity synthetic events, evaluates existing rule coverage, and drafts candidate detection rules for analyst review. The capability surfaces campaign‑based IOC and detection matches across 12 months of telemetry to help teams rapidly determine exposure and validate their defensive posture.
read more →

Bringing Connected AI Work Experiences Across Devices

🚀 Google outlines its plan to embed Generative AI across enterprise platforms and endpoints, integrating Gemini into Chrome Enterprise, Android, Pixel phones and Chromebook Plus devices. The post highlights the general availability of Cameyo by Google to virtualize legacy and modern apps in the cloud and the launch of Gemini in Chrome with enterprise-grade controls. It also previews Android XR and Pixel features powered by Gemini Nano, while expanding data loss prevention and a one-click SecOps integration to help IT secure AI-driven workflows.
read more →

Flexible path to modern EUC with Cameyo by Google Launch

🔒 Cameyo by Google is a cloud-native Virtual App Delivery solution that streams legacy Windows and Linux applications into the browser or publishes them as Progressive Web Apps, avoiding the overhead of full VDI. Paired with Chrome Enterprise Premium, Cameyo brings legacy client apps under a single secure browsing context with advanced DLP and threat protection. IT teams benefit from faster deployments, reduced VPN and infrastructure complexity, and a clear migration path to ChromeOS while preserving critical Windows workloads.
read more →

BigQuery adds MATCH_RECOGNIZE for row-sequence SQL

🔍 BigQuery now supports MATCH_RECOGNIZE, a SQL clause for identifying ordered patterns across rows and time-series data. It lets analysts express complex sequence logic—using PARTITION BY, ORDER BY, PATTERN, DEFINE and MEASURES—inside a single query without heavy joins or external processing. The feature targets use cases like funnels, fraud detection, log sequencing, and financial pattern detection, and is immediately available to all BigQuery users.
read more →