New Wave of AiTM Phishing Targets TikTok for Business
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
20 articles
Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration
Cloud Phones Linked to Rising Financial Fraud Threat
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliott, Group Product Manager, Google Play Modern digital security is at a turning point. We are on t...
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Expel has warned of malicious Chrome extensions stealing users’ AI conversations
Crypto Scam "ShieldGuard" Dismantled After Malware Discovery
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
Introduction Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully co...
Android OS-Level Attack Bypasses Mobile Payment Security
Android’s LSPosed-based attack hijacks payment apps via runtime manipulation and SIM-binding bypass
PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio
LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data
Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances
Look What You Made Us Patch: 2025 Zero-Days in Review
Written by: Casey Charrier, James Sadowski, Zander Work, Clement Lecigne, Benoît Sevens, Fred Plan Executive Summary Google Threat Intelligence Group (GTIG) ...
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Introduction Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (re...
Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS
Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel
John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist ca...
Cultivating a robust and efficient quantum-safe HTTPS
Posted by Chrome Secure Web and Networking Team Today we're announcing a new program in Chrome to make HTTPS certificates secure against quantum computers. T...
Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
Staying One Step Ahead: Strengthening Android’s Lead in Scam Protection
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse shared how An...
Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
Introduction Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecomm...