Google Threat Intelligence Group

CISA has mandated federal agencies to patch a critical Dell vulnerability within three days, as it is under active exploitation…

Cyber threats against the defense industrial base have evolved from intelligence gathering to actively disrupting manufacturing and supply chains, posing…

State-sponsored hacking groups from China, Iran, North Korea, and Russia are using Google's Gemini AI to conduct reconnaissance, craft phishing…

Nation-state hacking groups from Iran, China, and North Korea are increasingly using AI tools like Google's Gemini to enhance offensive…

Google and partners dismantled the IPIDEA residential proxy network, which was secretly routing malicious traffic through millions of compromised devices…

Google dismantled the IPIDEA residential proxy network, a major tool for cybercriminals to hide malicious traffic by routing it through…

Google dismantled the Ipidea residential proxy network, which was used by over 550 hacker groups to hide attacks by routing…

A critical path traversal vulnerability (CVE-2025-8088) in WinRAR allows attackers to hide malicious files in archives and place them in…

SonicWall has released a critical update for a new, actively exploited local privilege escalation flaw (CVE-2025-40602) in its SMA 1000…

SonicWall has issued an urgent alert for SMA1000 appliance users to apply a critical update, as active attacks exploit a…

Salesforce is investigating a security incident involving unauthorized access to customer data through Gainsight app integrations, leading to revoked tokens…

A major supply chain attack compromised data from over 200 organizations, with Google confirming theft from Salesforce instances through Gainsight…

GlobalLogic notified over 10,000 current and former employees of a data breach after attackers exploited a zero-day vulnerability in Oracle's…

A critical security vulnerability (CVE-2025-12480) in Gladinet's Triofox platform allows attackers to execute malicious code by exploiting improper access control…

AI is dramatically transforming cybersecurity by fueling a surge in automated cybercrime, including sophisticated phishing, voice cloning, and prompt injection…

Google has identified new AI-driven malware families like PromptFlux and PromptSteal that use large language models to dynamically generate malicious…

A critical remote code execution vulnerability (CVE-2025-59287) in Microsoft's WSUS is being actively exploited, affecting Windows Server versions from 2012…

Star Blizzard, a Russian state-sponsored hacking group, has escalated cyber-espionage by hiding malware like NoRobot, YesRobot, and MaybeRobot within fake…

Businesses using Oracle's E-Business Suite are receiving threatening emails from attackers claiming to have stolen data and demanding millions in…

A North Korean hacking group is using EtherHiding, a blockchain-based method that embeds malware in smart contracts, making the blockchain…