Google confirms data breach exposed potential Google Ads customers' info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. [...]
Stay updated on Google's info security advances, threats, and solutions. Protect your data with the latest insights from our dedicated Google security tag.
Search across headline titles and summaries.
Background for this topic.
Google is a technology company whose ecosystem includes internet services, cloud infrastructure, mobile software, browsers, and productivity platforms. In information security, the tag commonly covers vulnerabilities and security changes across these services, as well as Google’s role as an identity and data-processing provider for organizations.
Material risks include compromised Google accounts, overly permissive cloud identities or APIs, exposed stored data, and unpatched flaws in software such as Android or Chrome. Security teams should track relevant advisories, prioritize patches based on affected assets and exposure, enforce strong authentication and least-privilege access, and review logging for suspicious account or service activity. Google’s collection and processing of user, device, and organizational data also makes privacy controls, retention settings, contractual obligations, and regulatory compliance important. Its vulnerability-disclosure and threat-intelligence work can inform defensive monitoring, but does not replace asset inventory, configuration review, or tested recovery procedures.
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. [...]
Also: US Cyber Grants Are Dwindling; Hybrid Threats Renew Focus on OT ResilienceIn this week’s update, four ISMG editors examined the voice phishing attacks linked to the Google and Cisco breaches, the funding gap in U.S. cybersecurity support for local governments and the implications of hybrid warfare on operational technology resilience.
Not a very smart home: crims could hijack smart-home boiler, open and close powered windows and more. Now fixed Black hat A trio of researchers has disclosed a major prompt injection vulnerability in Google's Gemini large language model-powered applications.…
Hello loophole could let a rogue admin, or a pwned one, inject new facial scans Black Hat Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.…
In 2024, it was Snowflake. In 2025, it's Salesforce. ShinyHunters is back, with low-tech hacks that nonetheless manage to bring down international megaliths like Google, Cisco, and Adidas.
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence.
ShinyHunters suspected in rash of intrusions Google confirmed that criminals breached one of its Salesforce databases and stole info belonging to some of its small-and-medium-business customers.…
Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. [...]
Voice Phishing Attacks on Salesforce Users Remains Repeat ShinyHunters TacticTechnology giants Google and Cisco separately said they've both suffered recent data breaches after attackers socially engineered their employees via voice phishing attacks, leading to a breach of their customer relationship management software, exposing customer data.
Allegations of Improper Data Collection Are Not New for PerplexityArtificial intelligence firm Perplexity is facing allegations it sidestepped long-standing internet norms in pursuit of data. Cloudflare accused the AI search engine startup of positioning itself as a Google alternative, ignoring website restrictions and disguising its scraping activities.
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild
Google has released security patches for six vulnerabilities in Android's August 2025 security update, including two Qualcomm flaws exploited in targeted attacks. [...]
In a conversation with Dark Reading's Terry Sweeney, Lauren Miskelly from Google explains that Chrome Enterprise is the same Chrome browser that consumers use, but with additional enterprise-grade controls, reporting capabilities, and administrative features.
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong