Google found a new malware called PROMPTFLUX that uses Visual Basic Script to modify itself by interacting with its Gemini AI model. This malware seeks to evade detection by generating obfuscated code and is still in the development phase, lacking the ability to compromise networks. Security experts debate its effectiveness and significance.

Google has introduced new AI detection tools and ransomware defenses for its Workspace for Education platform. These updates aim to help K-12 schools combat rising cyber threats, though concerns remain about the platform's compliance and oversight capabilities.

Google reported that the North Korean group UNC2970 used its AI model, Gemini, for reconnaissance on high-value targets, including cybersecurity firms. This trend of hacking groups leveraging generative AI for malicious purposes raises concerns about the evolving methods of cyber attacks. Google is enhancing its safety measures to counteract these threats.

Two vulnerabilities, named LookOut, discovered in Google Looker can lead to remote code execution and data exfiltration. Attackers with developer permissions can exploit these flaws to fully compromise Looker instances.

At the ESCAL8 conference in New Mexico, Google awarded $458,000 to participants in its Hackceler8 capture the flag event, which featured eight teams selected from over 250 applicants. The event also included a two-day workshop aimed at inspiring local university students to pursue careers in cybersecurity.

Google fixed a serious vulnerability in its Gemini Enterprise AI that allowed attackers to embed malicious instructions in shared documents, leading to unauthorized access to sensitive corporate information. This flaw, discovered by Noma Labs, exploited the AI's retrieval system to execute commands without employee interaction.

Google reported that hackers compromised its Salesforce database, resulting in the theft of sensitive customer data. The breach highlights ongoing vulnerabilities in data security systems and raises concerns among Google’s clients regarding the safety of their information.

Researchers from Tel Aviv University have demonstrated a new type of cyber attack they call "promptware" by using calendar events to manipulate Google's AI, Gemini, into controlling smart home devices. By embedding malicious instructions in calendar appointments, they successfully executed indirect prompt injection attacks, allowing unauthorized control over devices like lights and thermostats. This incident marks a significant shift in how AI vulnerabilities can impact the physical world.

A sophisticated phishing campaign is leveraging weaknesses in Google Sites to spoof Google no-reply email addresses, allowing attackers to bypass email authentication checks. By redirecting users to deceptive Google Sites pages, the campaign exploits the platform's trusted domain and SSL certificates to appear legitimate.

Google's Cybersecurity Disruption Unit is focusing on active defense strategies, including the controversial practice of "hack back" to retaliate against cyber threats. The initiative aims to empower businesses to protect themselves more effectively against cyberattacks while navigating legal and ethical concerns surrounding such actions.

A recent phishing scam has been exploiting Google's email system by using "no-reply" addresses to trick users into revealing sensitive information. The scam takes advantage of legitimate-looking emails to bypass security measures, highlighting the need for better user awareness and email authentication practices. Google has taken steps to improve its security protocols to combat such fraudulent activities.

Google Project Zero has publicly disclosed vulnerabilities in software a week after reporting them to the respective vendors. This decision highlights the ongoing debate about the balance between transparency and responsible disclosure in the cybersecurity community. The vulnerabilities identified pose potential risks to users, emphasizing the importance of timely updates from software developers.

Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.

Google has confirmed that a data breach involving Salesforce's CRM system has occurred, putting customer data at risk. The breach has led to extortion threats against Salesforce, raising concerns about the security of cloud-based services.

Google will stop trusting root CA certificates from Chunghwa Telecom and Netlock in Chrome starting August 1, 2025, due to ongoing compliance failures and lack of improvement. Users visiting sites with these certificates will receive privacy warnings, prompting web administrators to switch to trusted CAs before the change takes effect. This decision follows a trend of tightening security requirements for certificate authorities by Google.

Misconfigured permissions in Google's Gerrit platform may have allowed attackers to inject malicious code into ChromiumOS and other projects. A specific permission issue and a race condition in the merge process potentially left at least 18 projects open to supply chain attacks, enabling malicious code to be merged without user interaction.