-
Google DeepMind unveils CodeMender to detect, patch and rewrite vulnerable code
DeepMind has unveiled CodeMender, an AI agent that detects, patches and rewrites vulnerable code using Gemini models and an LLM-based critique tool; Google says it has upstreamed 72 fixes and is expanding AI security measures including an AI Vulnerability Reward Program and updates to its Secure AI Framework.
-
Google launches AI Vulnerability Reward Program with bounties up to $30,000
Google this week launched an AI Vulnerability Reward Program offering up to $30,000 for high-quality reports on flaws in its AI products, covering Search, Gemini, Workspace and other AI systems and laying out tiered payouts for issues such as rogue actions and data exfiltration.
-
France fines Google €325 million and Shein €150 million for cookie violations, CNIL says
France’s CNIL fined Google €325 million and Shein €150 million for cookie-consent violations, ordering compliance within six months, as U.S. authorities push parallel privacy actions and other firms face related penalties.
-
Google Confirms Data Breach Linked to Ongoing Salesforce Attacks
Google has confirmed that it suffered a data breach linked to the ShinyHunters extortion group, amidst an ongoing series of Salesforce data theft attacks that have implicated multiple high-profile companies.
-
Google Unveils OSS Rebuild to Enhance Open Source Security Amid Supply Chain Threats
Google has launched OSS Rebuild, a new initiative designed to bolster the security of open-source package ecosystems by providing build provenance and mitigating software supply chain attacks.
-
Google Addresses Critical Zero-Day Vulnerability in Chrome Browser
Google has released security updates to patch a critical zero-day vulnerability in its Chrome browser, tracked as CVE-2025-6554, which has potentially been exploited in the wild. Users are urged to update their browsers to safeguard against possible attacks.
-
Google Enhances AI Security with Layered Defenses Against Prompt Injection Attacks
Google has taken significant steps to enhance the security of its generative AI systems by implementing layered defenses against indirect prompt injections, which pose a new cybersecurity risk. These measures include advanced filtering techniques and a proactive approach to preventing malicious user inputs.
-
Cyber Crime Crew Scattered Spider Targets US Insurance Companies Amid Ransomware Surge
A rise in ransomware attacks targeting US insurance companies has been attributed to the cybercrime group Scattered Spider, prompting warnings from Google about the necessity for heightened security measures within the industry.
-
Google Addresses Vulnerability Exposing Users’ Phone Numbers
A vulnerability in Google’s account recovery process allowed researchers to brute-force phone numbers linked to accounts, posing a significant risk of phishing and SIM-swapping attacks, now patched by the tech firm.
-
Google Warns of Data Extortion Attacks Targeting Salesforce Accounts
Google has alerted companies using Salesforce to the rise of social engineering attacks targeting their platforms, warning that hackers claiming affiliation with the ShinyHunters extortion group are using advanced phishing tactics to steal sensitive data.
