Security news aggregator

Latest coverage for Google

Stay updated on Google's info security advances, threats, and solutions. Protect your data with the latest insights from our dedicated Google security tag.

179 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Google is a technology company whose ecosystem includes internet services, cloud infrastructure, mobile software, browsers, and productivity platforms. In information security, the tag commonly covers vulnerabilities and security changes across these services, as well as Google’s role as an identity and data-processing provider for organizations.

Material risks include compromised Google accounts, overly permissive cloud identities or APIs, exposed stored data, and unpatched flaws in software such as Android or Chrome. Security teams should track relevant advisories, prioritize patches based on affected assets and exposure, enforce strong authentication and least-privilege access, and review logging for suspicious account or service activity. Google’s collection and processing of user, device, and organizational data also makes privacy controls, retention settings, contractual obligations, and regulatory compliance important. Its vulnerability-disclosure and threat-intelligence work can inform defensive monitoring, but does not replace asset inventory, configuration review, or tested recovery procedures.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 179 Filtered view

EU Forces Google to Give Rival AI Services Android Access and to Share Search DataGoogle sounded security alarms after the European Commission ordered it to open up deep Android functionality to rival artificial intelligence providers, and also to give third-party search providers access to Google Search data. The orders enforce the Digital Markets Act.

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

Mandiant: 68% of Targets Were Higher Ed Institutions Running PeopleSoftShinyHunters exploited a critical zero-day in Oracle PeopleSoft to breach more than 100 organizations globally, researchers at Mandiant and Google's Threat Intelligence Group said, with universities and colleges accounting for the majority of confirmed targets in the active extortion campaign.

Complaint Says Service Generated More Than 1.5 Million Malicious URLsGoogle has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft.

Court Says Google Is Responsible for Content Generated by Its MachinesA German court dealt a blow to Google AI-infused search by deciding that the Big Tech firm is liable for defamatory statements in the AI summaries that increasingly dominate its results. The feature purports to only summarize publicly-available content, but it often hallucinates.

Bank Info Security 1 month, 2 weeks ago

Quantum Sales Pitch Goes From Compute Supremacy to Utility

IBM, Google and Other Firms Are Focusing on Commercial Value as Quantum ProgressesIBM's $10 billion quantum computing push reflects a broader industry effort to move beyond scientific milestones and toward business value. But cybersecurity leaders say vendors should focus less on product narratives and more on meaningful progress.

Fraudsters Tokenize Stolen Cards Into Attacker WalletsGoogle Threat Intelligence Group warned that Chinese-language phishing-as-a-service platforms are using AI, encrypted messaging and real-time OTP interception to bypass multifactor authentication and provision stolen payment cards into attacker-controlled digital wallets worldwide.

Bank Info Security 1 month, 2 weeks ago

Glassworm Group: Software Supply-Chain Attackers Disrupted

Suspected Russian Crime Group Built Resilient Command-and-Control InfrastructureIn a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm cybercrime group, cutting off attackers from victims. The group has wielded a remote access Trojan to repeatedly target developers of widely used open-source software.

Bank Info Security 2 months ago

AI-Built Zero-Day Nearly Powered Mass Attack

Google Says Criminals Used AI to Discover and Code ExploitA cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from scratch, said Google researchers. Google said it worked with the affected vendor to patch the flaw before an attack could be launched.

Bank Info Security 2 months, 2 weeks ago

ISMG Editors: North Korea's Fake Meetings Fuel Crypto Heists

Also: Google’s $40B AI Bet, Insights From Google Next ConferenceIn this week's panel, four ISMG editors discussed North Korea's use of fake video meetings to fuel crypto fraud, Google's $40 billion investment in Anthropic and what it signals for the AI race, and key takeaways from Google Next in Las Vegas on enterprise AI adoption.

Bank Info Security 2 months, 2 weeks ago

Google Bets Up to $40B on Anthropic as AI Compute Race Grows

Google Cloud Capacity Could Help Anthropic Ease Model Growth ConstraintsGoogle's up to $40 billion bet on Anthropic would deepen its role as investor, cloud supplier and Gemini rival while giving the San Francisco-based Claude maker critical compute capacity amid surging demand and scrutiny of circular AI infrastructure deals.

Bank Info Security 2 months, 3 weeks ago

Pharma Giant Merck and Google Cloud Sign $1B Agentic AI Deal

Pact Is Among Other Similar Biotech, AI Firm Collaborations to Speed Up Drug R&DMerck has struck a multi-year deal with Google Cloud worth up to $1 billion to enhance the pharmaceutical and life sciences giant's digital backbone "as an AI-enabled enterprise." The initiative includes deploying an agentic AI platform across R&D, manufacturing, commercial and corporate functions.

Bank Info Security 3 months, 2 weeks ago

Google's 2029 Quantum Deadline Is a Wake-Up Call

Google's Accelerated PQC Timeline Demands Enterprise Action NowGoogle set a public deadline for migrating to post-quantum cryptography, setting a strong signal for IT and security leaders that they too should transition their encryption into more robust algorithms. Enterprises need a migration strategy now before the window closes.

Bank Info Security 3 months, 3 weeks ago

Beyond Intel Sharing: The Push Toward Cyber Disruption

Google Threat Intelligence's Sandra Joyce on AI Threats and Active DefenseSharing threat intelligence is no longer enough - the cybersecurity industry must operationalize it through coordinated takedowns and active disruption, says Sandra Joyce, vice president at Google Threat Intelligence.

Bank Info Security 3 months, 3 weeks ago

How the AI Era Is Reshaping Data Protection

Google's Kristie Chon Flynn on Building Privacy Into the AI Development Life CycleThree years into the modern artificial intelligence revolution, data protection can no longer be an afterthought - it must be engineered in from the start, said Kristie Chon Flynn, data protection officer of privacy, safety, security engineering at Google.

Bank Info Security 3 months, 3 weeks ago

AI Forces CISOs to Rebuild Defense Playbooks

Francis deSouza of Google Cloud on Fighting AI-Driven Threats With AIAI has redrawn the threat landscape for security leaders and forced a new operating model. Francis deSouza of Google Cloud says CISOs must counter faster, AI-driven attacks with AI-led defense, stronger governance and teams fluent in AI.

Iran Expands Targeting, Including AWS, Google and Microsoft InfrastructureMichigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a "faketivist" group run by Tehran.

CRM-Obsessed ShinyHunters Gang Exploits Misconfigured Customer Experience PortalsA prolific and noisy cybercrime gang with a penchant for stealing Salesforce customers' data and holding it ransom is taking advantage of misconfigured guest accounts meant to provide public access to services meant to remain private, using a Google scanning tool to identify vulnerable accounts.

Loading more headlines...