Google says hackers are abusing Gemini AI for all attacks stages
State-backed hackers are using Google’s Gemini AI model to support all stages of an attack, from reconnaissance to post-compromise actions. Bad actors from China (APT31, Temp.HEX), Iran (APT42), North Korea (UNC2970), and Russia used Gemini for target profiling and open-source intelligence, generating phishing lures, translating text, coding, vulnerability testing, and troubleshooting. Cybercriminals are also showing increased interest […]
Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks
Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific individuals. Tracked as CVE-2026-20700, the flaw is an arbitrary code execution vulnerability in dyld, the Dynamic Link Editor used by Apple operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. Apple’s security bulletin warns […]
U.S. convicts ex-Google engineer for sending AI tech data to China
A U.S. federal jury has convicted Linwei Ding, a former software engineer at Google, for stealing AI supercomputer data from his employer and secretly sharing it with Chinese tech firms. Ding was originally indicted in March 2024 after he lied and didn’t sincerely cooperate with Google’s internal investigation, leading to his arrest in California. According to the […]
Mandiant details how ShinyHunters abuse SSO to steal cloud data
Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. As first reported by GeekFeed, threat actors are impersonating corporate IT and helpdesk staff and calling employees directly, claiming that MFA settings […]
Google disrupts IPIDEA residential proxy networks fueled by malware
IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners. The action included taking down domains associated with IPIDEA services, infected device management, proxy traffic routing. Additionally, intelligence has been shared on the IPIDEA software development kits (SDK) […]
Google rolls out Android theft protection feature updates
Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves. These updated Android theft protection features build on the company’s existing anti-theft defenses introduced in October 2024 to protect users before, during, and after theft attempts. “Phone theft is more than just losing a device; it’s a form […]
WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious payloads. The security issue is a path traversal flaw that leverages Alternate Data Streams (ADS) to write malicious files to arbitrary locations. Attackers have exploited this in the past to plant malware in the Windows […]
ShinyHunters claim to be behind SSO-account data theft attacks
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into entering their […]
Google says Gemini won’t have ads, as ChatGPT prepares to add them
OpenAI recently started testing ads in ChatGPT in the United States if you use $8 Go subscription or a free account, but Google says it does not plan to put ads in Gemini. In a statement to Alex Health, Google DeepMind CEO Demis Hassabis confirmed that Gemini won’t get ads, at least for now. However, Google is not […]
Google Chrome tests Gemini-powered AI “Skills”
Google is testing “Skills” for Gemini in Chrome, which will allow AI in Chrome to perform tasks automatically. Gemini in Chrome on desktop has been rolling out in the US for a while now. Right now, Chrome’s Gemini acts as an AI “helper” inside the browser. When you’re on a webpage, you can open Gemini and […]