Google rolls out easy end-to-end encryption for Gmail business users
Google has started rolling out a new end-to-end encryption (E2EE) model for Gmail enterprise users, making it easier to send encrypted emails to any recipient. While businesses also have the option to configure the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol to send digitally signed and encrypted messages, this requires significant resources, including deploying certificates to […]
Google fixes Chrome zero-day exploited in espionage campaign
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser’s sandbox and deploy malware in espionage attacks targeting Russian organizations. “Google is aware of reports that an exploit for CVE-2025-2783 exists in the wild,” the company said in a security advisory published Tuesday. Tracked as CVE-2025-2783, this vulnerability was discovered by Kaspersky’s Boris Larin […]
Google Gemini’s Astra (screen sharing) rolls out on Android for some users
At MWC 2025, Google confirmed it was working on screen and video share capabilities for Gemini Live, codenamed “Project Astra”. At that time, Google promised that the feature would begin rolling out soon, and now some users have spotted it in the wild. According to a video shared by a Reddit user who owns a Xiaomi phone with a […]
Google to purchase Wiz for $32 billion in cloud security play
Google announced today a definitive agreement to acquire leading cloud security platform Wiz for $32 billion in an all-cash transaction. Wiz was founded in 2020 and has become one of the largest cybersecurity firms focusing on securing cloud services. The company offers an online cybersecurity platform that connects to different cloud providers, enabling organizations to […]
Google paid $12 million in bug bounties last year to security researchers
Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in 2024. Among last year’s highlights, the company revamped the VRP’s reward structure, bumping rewards up to a maximum of $151,515, while its Mobile VRP now offers up to $300,000 for critical vulnerabilities […]
BadBox malware disrupted on 500K infected Android devices
The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. The BadBox botnet is a cyber-fraud operation targeting primarily low-cost Android-based devices like TV streaming boxes, tablets, smart TVs, and smartphones. These devices either come pre-loaded with the BadBox […]
Google expands Android AI scam detection to more Pixel devices
Google has announced an increased rollout of new AI-powered scam detection features on Android to help protect users from increasingly sophisticated phone and text social engineering scams. The tech giant says these features come in response to AI-assisted scam campaigns that, according to statistics from the Global Anti-Scam Alliance, have defrauded people of over $1 […]
Google fixes Android zero-day exploited by Serbian authorities
Google has released patches for 43 vulnerabilities in Android’s March 2025 security update, including two zero-days exploited in targeted attacks. Serbian authorities have used one of the zero-days, a high-severity information disclosure security vulnerability (CVE-2024-50302) in the Linux kernel’s driver for Human Interface Devices, to unlock confiscated devices. The flaw was reportedly exploited as part of an Android zero-day exploit […]
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. Cellebrite is an Israeli digital forensics company that develops tools used by law enforcement, intelligence agencies, and private companies to extract data from smartphones and other digital […]
Google Cloud introduces quantum-safe digital signatures in KMS
Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. The tech giant says this initiative aligns with the National Institute of Standards and Technology’s (NIST) post-quantum cryptography (PQC) standards, addressing future risks of quantum computing breaking classic encryption schemes. With Google Cloud being used by […]