Security

AI threats in the wild: The current state of prompt injections on the web

Thu, 23 Apr 2026 12:48:00 +0000

We initiated a broad sweep of the public web to monitor for known indirect prompt injection patterns. This is what we found.

Bringing Rust to the Pixel Baseband

Fri, 10 Apr 2026 09:56:00 +0000

Google is continuously advancing the security of Pixel devices.

Protecting Cookies with Device Bound Session Credentials

Thu, 09 Apr 2026 19:25:00 +0000

Following our April 2024 announcement, Device Bound Session Credentials (DBSC) is now entering public availability for Windows users on Chrome 146, and expanding to macO…

Google Workspace’s continuous approach to mitigating indirect prompt injections

Thu, 02 Apr 2026 19:14:00 +0000

Indirect prompt injection (IPI) is an evolving threat vector targeting users of complex AI applications with multiple data sources, such as Workspace with Gemini. This t…

VRP 2025 Year in Review

Tue, 31 Mar 2026 18:58:00 +0000

2025 marked a special year in the history of vulnerability rewards and bug bounty programs at Google: our 15th anniversary 🎉🎉🎉! Originally started in 2010, our vulnerabi…

Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android

Wed, 25 Mar 2026 18:43:00 +0000

Modern digital security is at a turning point. We are on the threshold of using quantum computers to solve "impossible" problems in drug discovery, materials science, an…

Cultivating a robust and efficient quantum-safe HTTPS

Fri, 27 Feb 2026 18:19:00 +0000

Today we're announcing a new program in Chrome to make HTTPS certificates secure against quantum computers. The Internet Engineering Task Force (IETF) recently created a…

Staying One Step Ahead: Strengthening Android’s Lead in Scam Protection

Wed, 25 Feb 2026 18:09:00 +0000

As scammers evolve their tactics and create more convincing and personalized threats, we’re using the best of Google AI to stay one step ahead.

Staying One Step Ahead: Strengthening Android’s Lead in Scam Protection

Wed, 25 Feb 2026 15:17:00 +0000

We’ve shared how Android’s proactive, multi-layered scam defenses utilize Google AI to protect users around the world from over 10 billion suspected malicious calls and …

Keeping Google Play & Android app ecosystems safe in 2025

Thu, 19 Feb 2026 17:00:00 +0000

The Android ecosystem is a thriving global community built on trust, giving billions of users the confidence to download the latest apps. In order to maintain that trust…

New Android Theft Protection Feature Updates: Smarter, Stronger

Tue, 27 Jan 2026 16:59:00 +0000

Phone theft is more than just losing a device; it's a form of financial fraud that can leave you suddenly vulnerable to personal data and financial theft. That’s why we'…

HTTPS certificate industry phasing out less secure domain validation methods

Wed, 10 Dec 2025 20:00:00 +0000

Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process and issuance practices behind it. Recently, the…

Further Hardening Android GPUs

Tue, 09 Dec 2025 17:00:00 +0000

Last year, Google's Android Red Team partnered with Arm to conduct an in-depth security analysis of the Mali GPU, a component used in billions of Android devices worldwi…

Architecting Security for Agentic Capabilities in Chrome

Mon, 08 Dec 2025 18:03:00 +0000

Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challenges and opportunities with AI. Billions of people trust Ch…

Android expands pilot for in-call scam protection for financial apps

Wed, 03 Dec 2025 16:59:00 +0000

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle. Over the last few years, we’ve launched industry-leading …

Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing

Thu, 20 Nov 2025 17:00:00 +0000

Technology should bring people closer together, not create walls. Being able to communicate and connect with friends and family should be easy regardless of the phone th…

Rust in Android: move fast and fix things

Thu, 13 Nov 2025 16:59:00 +0000

Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in new code quickly yields durable and compounding gains. This year we lo…

How Android provides the most effective protection to keep you safe from mobile scams

Thu, 30 Oct 2025 16:59:00 +0000

As Cybersecurity Awareness Month wraps up, we’re focusing on one of today's most pervasive digital threats: mobile scams. In the last 12 months, fraudsters have used adv…

HTTPS by default

Tue, 28 Oct 2025 17:01:00 +0000

One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Ch…

Accelerating adoption of AI for cybersecurity at DEF CON 33

Wed, 24 Sep 2025 18:42:00 +0000

Empowering cyber defenders with AI is critical to tilting the cybersecurity balance back in their favor as they battle cybercriminals and keep users safe. To help accele…