Links
Google Big Sleep has published reports detailing several fixed vulnerabilities in the Linux kernel. The post provides a link to the full list of issues they discovered and addressed. This information is relevant for anyone concerned about Linux security.
Google is suing over 25 individuals linked to Lighthouse, a phishing service that enables scammers to impersonate trusted brands and steal payment card data via text messages. The suit aims to disrupt a network known for targeting over a million victims worldwide, using sophisticated tactics to enroll stolen card information into mobile wallets.
Researchers discovered a vulnerability called WhisperPair that lets attackers remotely access and control Fast Pair-enabled headphones, allowing for eavesdropping and location tracking. This flaw affects devices from multiple manufacturers and poses a significant security risk. Google is aware of the issue and is working on patches, but many users may not receive updates promptly.
This article details how an indirect prompt injection in Google's Antigravity code editor can exploit vulnerabilities to steal sensitive data from users. It describes the process by which malicious code can bypass security settings and exfiltrate credentials through a browser subagent. The piece highlights Google's acknowledgment of these risks and the inherent dangers of using the software without proper safeguards.
This article examines how Device Code Phishing exploits the OAuth 2.0 authentication process used by Microsoft and Google. It details the mechanics of the attack, illustrating how attackers can trick users into providing access tokens through a seemingly legitimate flow. The comparison highlights the different security postures of the two identity providers.
Google is shutting down its dark web reports feature in February. Launched in 2023, the service provided users with lists of partially redacted personal data found on the dark web but proved to have little practical value for security. The company concluded that users cannot effectively act on this information.
Google hired NCC Group to evaluate its Private AI Compute system, which aims to enhance mobile AI capabilities using cloud resources while maintaining user privacy. The review included two phases: an architecture assessment and a detailed security analysis of various components, involving ten consultants over 100 person-days.
The article details a vulnerability found in Google Calendar that allows attackers to bypass privacy controls using natural language prompts embedded in calendar invites. This exploit demonstrates the challenges of securing AI-integrated applications, where malicious intent can be hidden in seemingly benign language.
Google is rolling out new agentic features in Chrome that can perform tasks like booking tickets and shopping. To ensure user security, it employs models that assess actions, restricts access to certain sites, and requires user consent for sensitive tasks. The company is also testing its systems against potential attacks.
Google is rolling out a "high-friction" sideloading process for Android, aimed at increasing user awareness about the risks of installing apps from unverified sources. While users can still opt to install without verification, this will come with additional steps to ensure they understand the potential dangers. The long-term impact on sideloading accessibility remains uncertain.
Google is addressing the growing threat of indirect prompt injection attacks on generative AI systems, which involve hidden malicious instructions in external data sources. Their layered security strategy for the Gemini platform includes advanced content classifiers, security thought reinforcement, markdown sanitization, user confirmation mechanisms, and end-user security notifications to enhance protection against such attacks.
Google Gemini's Command-Line Interface (CLI) has been found to be vulnerable to prompt injection attacks, allowing for potential arbitrary code execution. This security flaw raises concerns about the safety and reliability of utilizing AI models in various applications.
Google has introduced new AI tools designed to enhance security for Chrome users, specifically targeting phishing and scam threats. These tools aim to proactively identify and block malicious sites, thereby improving the overall safety of browsing experiences for users worldwide.
Google has warned users of the Salesloft Drift AI chat agent that their security tokens may be compromised following a breach that allowed attackers to access Google Workspace accounts. The situation is more extensive than initially reported, prompting Google to revoke affected tokens and disable integrations, while Salesloft has not yet updated its security guidance to reflect the new findings.
Google plans to implement a verification process for all Android developers to enhance security and trust within its app ecosystem. This new measure aims to prevent fraudulent apps and protect users from malicious software. The initiative is part of Google's ongoing efforts to improve safety in the Android platform.
Hackers are leveraging Google.com to distribute malware that evades traditional antivirus software, raising significant security concerns. Users are advised to employ various protective measures to safeguard their systems against these threats.
Google has resolved a critical bug that posed a risk of inadvertently exposing users' private phone numbers through its services. The company acted quickly to patch the vulnerability after it was discovered, ensuring that user privacy is maintained.
The article discusses recent leaks related to Google's phone models, highlighting security vulnerabilities and concerns regarding data privacy. It emphasizes the implications these issues may have for users and the potential impact on Google's reputation in the tech industry.
Significant vulnerabilities in Google's Gemini AI models have been identified, exposing users to various injection attacks and data exfiltration. Researchers emphasize the need for enhanced security measures as these AI tools become integral to user interactions and sensitive information handling.
Scale AI faced significant challenges with spam and security while working with Google, particularly during the training of its Gemini AI program. Internal documents reveal that unqualified contractors submitted poor-quality work, often evading detection and raising concerns about the integrity of the data provided to Google. Despite assurances from Scale AI, the situation highlighted major lapses in their vetting and security protocols.
Security researchers at Trail of Bits have discovered that Google's Gemini tools are vulnerable to image-scaling prompt injection attacks, allowing malicious prompts to be embedded in images that can manipulate the AI's behavior. Google does not classify this as a security vulnerability due to its reliance on non-default configurations, but researchers warn that such attacks could exploit AI systems if not properly mitigated. They recommend avoiding image downscaling in agentic AI systems and implementing systematic defenses against prompt injection.
Google is implementing a security feature in Chromium that prevents Google Chrome from running with administrative permissions by automatically "de-elevating" the browser upon launch. This change, inspired by a similar feature in Microsoft's Edge browser, aims to mitigate security risks associated with running the browser as an administrator, which can lead to malicious files executing with full system access.
Google is offering rewards for identifying AI-related security vulnerabilities as part of its ongoing effort to enhance the safety of its artificial intelligence technologies. This initiative encourages researchers and developers to report potential weaknesses, thereby strengthening the overall security framework of AI applications.
Google is leveraging advancements in AI to combat online scams across its platforms, including Search, Chrome, and Android. By enhancing their detection systems and implementing on-device models like Gemini Nano, they aim to significantly reduce scams such as phishing, tech support fraud, and deceptive notifications while adapting to new threats in real-time.
Google Chrome will introduce an automatic password update feature by 2025, enhancing user security by ensuring passwords are regularly refreshed without manual intervention. This development aims to streamline the management of passwords, reducing the risk of breaches due to outdated credentials.
Google Gemini for Workspace can be exploited through prompt-injection attacks that generate misleading email summaries, potentially leading users to phishing sites without attachments or direct links. Researcher Marco Figueroa revealed this vulnerability, highlighting how hidden instructions in emails can manipulate Gemini's output, prompting users to trust false security alerts. Google is aware of the issue and is implementing defenses against such attacks.
A significant vulnerability in Google's Quick Share feature has been patched, addressing potential risks that could compromise user security. The update reinforces the importance of keeping software up to date to mitigate threats from exploits targeting such functionalities.
Google has announced that its AI-based bug hunter has successfully identified 20 security vulnerabilities, enhancing the company's commitment to improving software security. This innovative tool aims to streamline the process of detecting potential threats in various applications.
Google Chrome will require user permission by default to access insecure HTTP websites starting with the release of Chrome 154 in October 2026. This change aims to enhance security by encouraging users to connect via HTTPS and reduce the risk of man-in-the-middle attacks. Users will have the option to enable warnings for public or both public and private sites, with the expectation that most websites are already secured with HTTPS.
Google is introducing a new security feature for Android devices that automatically reboots locked devices after three days of inactivity, enhancing protection against data extraction by forensic tools. This update aims to keep user data encrypted in the Before First Unlock (BFU) state for longer periods, complicating unauthorized access during forensic investigations. Users can obtain the update through the Google Play store, though it will be rolled out gradually.
Google has introduced the Agent Payments Protocol (AP2) to facilitate secure agent-led transactions in e-commerce, garnering support from over 60 organizations. AP2 uses cryptographically signed digital contracts called Mandates to ensure user authorization and accountability during transactions, addressing security concerns associated with AI agents handling payment details. The protocol supports various payment methods and is available for organizations to implement through Google's public GitHub repository.