Google patches 107 Android flaws, including two being actively exploited

  Google has patched 107 vulnerabilities in Android in its December 2025 Android Security Bulletin, including two high-severity flaws that are being actively exploited. The December updates are available for Android 13, 14, 15, and 16. Android vendors are notified Read More …

Google says hackers stole data from 200 companies following Gainsight breach

Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers’ Salesforce data” — without naming affected companies — that was Read More …

Google Releases Security Update for Chrome

Google has released security updates for Chrome to address two high severity vulnerabilities in the V8 JavaScript engine. CVE-2025-13223 – Type Confusion in V8 – High severity – Google is aware an exploit exists in the wild. CVE-2025-13224 – Type Read More …

1 million victims, 17,500 fake sites: Google takes on toll-fee scammers

A Phishing-as-a-Service (PhaaS) platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit. Lighthouse enables smishing (SMS phishing) campaigns, and if you’re in the US there is a good chance you’ve seen their texts about Read More …

Google warns Gmail users to change passwords after data breach

Google is warning about 2.5 billion Gmail users to change their passwords or install a passkey following a data breach that has led to a surge in “phishing” email attacks. The data breach that prompted the warning reportedly happened at Read More …

Google says UNC6040 hackers stole some of its data following Salesforce breach

Cybercriminals known as ShinyHunters (UNC6040) recently broke into Google and stole business customer information from one of its corporate Salesforce instances, the company has confirmed. In a blog post breaking down ShinyHunters’ modus operandi, the company somewhat played down the Read More …

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia

In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least April through early June 2025, this actor targeted prominent academics and critics of Russia, Read More …

Google Releases Security Updates for Chrome

Google has released version 137.0.7151.68/.69 for Chrome for Windows and Mac and 137.0.7151.68 for Chrome for Linux which will roll out over the coming days/weeks. The updates address two high severity vulnerabilities in the V8 JavaScript engine. CVE-2025-5419 has a Read More …

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Read More …

EU fines Apple €500M and Meta €200M for breaking Europe’s digital rules

The European Commission issued the first fines under its Digital Markets Act on Wednesday, slapping tech giants Apple and Meta with penalties for breaching the EU’s new digital rulebook. Apple faces a €500 million fine for breaching the regulation’s rules Read More …