Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. For those unaware, Manifest V3 is Chrome’s latest extension specification and is designed to limit extension access to user network requests, block developers from utilizing remote content, […]
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. The app falls under a group of malicious Android applications called “SpyLoan,” which pretend to be legitimate financial tools or loan services but […]
Google Chrome’s AI-powered security feature rolls out to everyone
Google Chrome has updated the existing “Enhanced protection” feature with AI to offer “real-time” protection against dangerous websites, downloads and extensions. As spotted by Leo on X, the update has been rolled out to Chrome’s stable channel on all platforms after three months of testing in Canary. Enhanced protection, which is part of the Safe browsing feature, isn’t […]
Google fixes flaw that could unmask YouTube users’ email addresses
Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. The flaws were discovered by security researchers Brutecat (brutecat.com) and Nathan (schizo.org), who found that YouTube and Pixel Recorder APIs could be used to obtain user’s Google Gaia IDs […]
Google says hackers abuse Gemini AI to empower their attacks
Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets. Google’s Threat Intelligence Group (GTIG) detected government-linked advanced persistent threat (APT) groups using Gemini primarily for productivity gains rather than to develop or conduct novel AI-enabled cyberattacks that can […]
Google blocked 2.36 million risky Android apps from Play Store in 2024
Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. In addition, 158,000 developer accounts were banned for attempting to publish harmful apps like malware and spyware on Android’s official app store. In comparison, Google blocked 2,280,000 risky apps in 2023 and 1,500,000 […]
Google to kill Chrome Sync on older Chrome browser versions
Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. When enabled, Chrome Sync keeps users’ bookmarks, passwords, history, open tabs, settings, preferences, and, sometimes, Google Pay payment information. It also automatically signs users into Gmail, YouTube, Search, and other Google services. The move was […]
Google launches customizable Web Store for Enterprise extensions
Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees’ web browsers. Malicious Chrome extensions have long been a problem, with scammers and threat actors actively releasing or hijacking existing extensions to include malicious code. Last month, thirty-five extensions were compromised after […]
New Android Identity Check locks settings outside trusted locations
Google has announced a new Android “Identity Check” security feature that lock sensitive settings behind biometric authentication when outside a trusted location. The new feature is part of Anroid’s theft protection suite, which includes features like last year’s Theft Detection Lock, which is now rolling out to more Android device models. The new Identity Check feature is […]
Hackers use Google Search ads to steal Google Ads accounts
Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers’ credentials for the Google Ads platform. The attackers are running ads on Google Search impersonating Google Ads, showing as sponsored results that redirect potential victims to fake login pages hosted on Google Sites but looking like the official Google Ads homepage, […]