Google Introduces Agentic AI to Combat Cybersecurity Threats
Google enhances cybersecurity with Agentic AI, launching Unified Security to fight zero-day exploits, enterprise threats, and credential-based attacks.…
Chrome 136 Fixes 20-Year-Old Privacy Bug in Latest Update
Google has begun rolling out Chrome 136 to the stable channel for Windows, Mac, and Linux, bringing significant security and privacy upgrades to millions of users worldwide. The update, set to be distributed over the coming days and weeks, addresses a …
44% of the zero-days exploited in 2024 were in enterprise solutions
In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, wh…
Google Reports 75 Zero-Day Vulnerabilities Actively Exploited in the Wild
In a comprehensive report released by the Google Threat Intelligence Group (GTIG), 75 zero-day vulnerabilities were identified as actively exploited in the wild throughout 2024, marking a slight decline from 98 in 2023 but an increase from 63 in 2022. …
Government Hackers Are Leading the Use of Attributed Zero-Days, Google Says
Hackers working for governments were responsible for the majority of attributed zero-day exploits used in real-world cyberattacks last year, per new research from Google. From a report: Google’s report said that the number of zero-day exploits — refer…
Google Chrome Vulnerability Allows Attackers to Bypass Sandbox Restrictions – Technical Details Revealed
A severe vulnerability, identified as CVE-2025-2783, has been discovered in Google Chrome, specifically targeting the Mojo inter-process communication (IPC) component on Windows systems. This high-impact flaw, with a CVSS score of 8.8, stems from impro…
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. The researchers from Google Threat Intelligence Group (GTIG) observed that most targeted are end-user platforms, […]
Google Tracked 75 Zero-Days in 2024
The number of exploited zero-days seen by Google in 2024 dropped to 75, from 98 observed in the previous year.
The post Google Tracked 75 Zero-Days in 2024 appeared first on SecurityWeek.
Applying Security Engineering to Prompt Injection Security
This seems like an important advance in LLM security against prompt injection:
Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves. Instead, CaMeL treats language models as fundamentally untrusted components within a secure software framework, creating clear boundaries between user commands and potentially malicious content.
[…]
To understand CaMeL, you need to understand that prompt injections happen when AI systems can’t distinguish between legitimate user commands and malicious instructions hidden in content they’re processing…
‘Read the Manual’: Misconfigured Google Analytics Led to a Data Breach Affecting 4.7M
Slashdot reader itwbennett writes: Personal health information on 4.7 million Blue Shield California subscribers was unintentionally shared between Google Analytics and Google Ads between April 2021 and January 2025 due to a misconfiguration error. Sec…