With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. Unlike direct prompt injections, where… Read More "Mitigating prompt injection attacks with a layered defense strategy"
Books are a reminder that there’s more to life than work In a profession that rarely switches off, books offer CISOs a chance to reflect, recharge, and reconnect with meaning beyond the day job. As a CISO, it’s easy to… Read More "The books shaping today’s cybersecurity leaders"
A data breach occurs when sensitive data is copied, transmitted, viewed, stolen, or accessed by an unauthorized individual. For a security incident to constitute a data breach, the exposure of sensitive data isthe result of a planned cyber attack. The… Read More "What Constitutes a Data Breach?"
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and… Read More "Advancing Protection in Chrome on Android"
Today we’re excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid… Read More "Open Source, Rebuilt to Last"
Posted by Dave Kleidermacher, VP Engineering, Android Security & Privacy Today marks a watershed moment and new benchmark for open-source security and the future of consumer electronics. Google is proud to announce that protected KVM (pKVM), the hypervisor that powers… Read More "Android’s pKVM Becomes First Globally Certified Software to Achieve Prestigious SESIP Level 5 Security Certification"
However, said Randall, “this framing overlooks that these identities are operationally different. While both authenticate and authorize, the tooling, telemetry, RACI, and risk models differ. A single ‘identity plane’ may be the goal conceptually, but practically, it’s hard to implement… Read More "Agentic AI opens door to new ID challenges: Report"
Posted by Eric Lynch, Senior Product Manager, Android Security, and Sherif Hanna, Group Product Manager, Google C2PA Core At Made by Google 2025, we announced that the new Google Pixel 10 phones will support C2PA Content Credentials in Pixel Camera… Read More "How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials"
To address this gap and help the ecosystem with deploying robust defenses, Google has supported academic research and developed test platforms to analyze DDR5 memory. Our effort has led to the discovery of new attacks and a deeper understanding of… Read More "Supporting Rowhammer research to protect the DRAM ecosystem"
