Google Cloud to make MFA mandatory by the end of 2025
Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security. Google Cloud is a product designed for businesses, developers, and IT teams to build, deploy, and manage applications and infrastructure in the cloud. The mandatory MFA rollout will affect both admins and any […]
Google fixes two Android zero-days used in targeted attacks
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. “There are indications that the following may be under limited, targeted exploitation,” says Google’s advisory. The CVE-2024-43047 flaw is […]
Over 200 malicious apps on Google Play downloaded millions of times
Google Play, the official store for Android, distributed over a period of one year more than 200 malicious applications, which cumulatively counted nearly eight million downloads. The data was collected between June 2023 and April 2024 by threat intelligence researchers at Zscaler, who identified and analyzed malware families both on Google Play and other distribution platforms. […]
Google warns uBlock Origin and other extensions may be disabled soon
Google’s Chrome Web Store is now warning that the uBlock Origin ad blocker and other extensions may soon be blocked as part of the company’s deprecation of the Manifest V2 extension specification. “This extension may soon no longer be supported because it doesn’t follow best practices for Chrome extensions,” reads the Chrome Web Store page for […]
Google removes Kaspersky’s antivirus software from Play Store
Over the weekend, Google removed Kaspersky’s Android security apps from the Google Play store and disabled the Russian company’s developer accounts. Users have been reporting over the last week that Kaspersky’s products (including Kaspersky Endpoint Security and VPN & Antivirus by Kaspersky) are no longer available on Google Play in the United States and other world regions. Kaspersky confirmed the issue on the company’s official forums on […]
Fake WalletConnect app on Google Play steals Android users crypto
A crypto draining app mimicking the legitimate ‘WalletConnect’ project has been distributed over Google Play for five months getting more than 10,000 downloads. The malicious app used the name WallConnect and posed as a lightweight Web3 tool with various blockchain functionalities, offering to act as a proxy between cryptocurrency wallets and decentralized applications (dApps). The real […]
Google sees 68% drop in Android memory safety flaws over 5 years
The percentage of Android vulnerabilities caused by memory safety issues has dropped from 76% in 2019 to only 24% in 2024, representing a massive decrease of over 68% in five years. This is well below the 70% previously found in Chromium, making Android an excellent example of how a large project can gradually and methodically move to […]
New Android malware ‘Necro’ infects 11 million devices via Google Play
A new version of the Necro malware loader for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks. This new version of the Necro Trojan was installed through malicious advertising software development kits (SDK) used by legitimate apps, Android game mods, and modified versions of popular software, such as Spotify, […]
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. Passkeys, which use biometric authentication such as fingerprints, facial recognition, or screen locks, provide a more secure and convenient alternative to traditional passwords, significantly reducing the risk of data breaches. […]
New Vo1d malware infects 1.3 million Android streaming boxes
Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. The Android Open Source Project (AOSP) is an open source operating system led by Google that can be used on mobile, streaming, and IoT devices. In a new […]