An anonymous reader quotes a report from Ars Technica: Google spent the last few years locked in a legal grudge match with Epic Games, which claimed that Google's stewardship of the Play Store was anticompetitive. Now, the companies are thick as thieves, and Google is beginning to implement app store changes as agreed in its settlement with Epic. The lower developer fees and new payment options that Google promised are rolling out in select markets this month before expanding. [...] Starting on June 30, developers in Europe, the UK, and the US will have access to the new fee structure. This system will split the commission into two components: billing and service fees. The biggest win for small developers is the new flat 10 percent service fee for the first $1 million in earnings every year. Above that, the rate for various transaction types may reach 25 percent on existing installs. Apps installed after June 30 will top out at 20 percent. Developers will finally be allowed to send users outside the Play Store to complete a transaction, too. Google says they can design a choice screen "in accordance with our UX guidelines" to direct users to these external options. Devs pay the standard service fee on these purchases, but they'll avoid the billing fee. All transactions that run through Google's Play Store platform add a 5 percent billing fee -- even the base rate for publishers earning less than $1 million. Google notes that the billing fee is set at 5 percent in the initial markets, but it could be different in other regions. Google will expand the new fee structure globally through September 2027, while also offering reduced fees through updated developer programs. Although the changes may let developers retain more revenue, Google will continue controlling Android distribution and collecting a share of sales as it works toward allowing certified third-party app stores to operate more like the Play Store.

Read more of this story at Slashdot.

Google is rolling out new privacy controls for Search services and Google Play, giving you more control over saved history and personalized recommendations. [...]

TeamPCP is on a rampage through open-source software.

In less than four months, the threat actor has compromised and injected malicious code into more than 1,000 software packages. The extraordinary spree has transformed how software developers and maintainers distribute and manage their code, as their dependencies and repositories have become one of the most effective and prevalent attack vectors this year.

While there has been a host of technical exploits, TeamPCP’s greatest attack has been the uprooting of trust — repeatedly proving that most organizations fail to verify the code they ingest into their systems is legitimate, abusing a nearly blind faith that much of the software development industry relies on to power today’s modern economy.

Starting with Trivy in February, TeamPCP’s attacks have shaken that trust many times over.

The scale of TeamPCP’s attacks lies partly in the automated systems companies use to deploy code, like CI/CD pipelines. It is also capitalizing on new security gaps created by developers’ increasing reliance on AI. Yet, with relatively low effort and unoriginal tactics, TeamPCP is wrecking open-source frameworks and underlying systems at levels the technology community has rarely reckoned with.

“Developers didn’t do a great job of analyzing the security of their open-source dependencies before but, now with AI, there’s in some cases virtually no human in the loop or any kind of sanity check on what these tools are doing,” Feross Aboukhadijeh, founder and CEO at Socket, told CyberScoop.

“You have agents installing packages that haven’t been vetted,” he said. “When an attacker gets in, the impact is even broader because there’s less checks and balances to stop it from affecting everybody.”

TeamPCP hasn’t identified a new problem or proved anything novel. The crux of these attacks hinge on a central theme — defensive vulnerabilities the entire software industry has known about for years. Researchers and developers know the open source trust model is broken and susceptible to sabotage. Yet, the software industry has not fixed this problem. 

“The speed and scale of these attacks is what makes it most notable, not necessarily the methodology behind it, because at the core it is really about exploiting third-party trusts that we have,” said Kimberly Goody, senior manager at Google Threat Intelligence Group.

Software packages are typically subjected to intensive security monitoring to test for vulnerabilities and poisoned updates before they are released to live environments. 

Yet, the real vulnerability highlighted by TeamPCP lies further up the chain of command with the organizations or individuals that publish these packages to the wider market, according to Nathaniel Quist, manager of cloud threat intelligence at Palo Alto Networks.

“It is their responsibility to secure their credentials and not provide a jump off point to trigger a supply-chain event,” he said. “Everything that interacts with or crosses through that zone must be highly monitored and controlled to ensure a compromise can be contained quickly and easily.”

TeamPCP’s motivation

TeamPCP, like any prolific cybercriminal, has captured significant attention from threat hunters since it emerged in late 2025. Google attributes the activity to one core operator.

The company said it traced TeamPCP’s residential and mobile IP address connections to South Africa, indicating the primary operator was located there during at least some of its attacks.

“We don’t believe that there’s an established core group, at least not yet, and that a lot of this has been conducted by an individual,” Goody said. Google declined to name the core operator or confirm it knows the person’s true identity. 

Palo Alto Networks said the core manager of TeamPCP uses the “ResoluteXBF” handle on multiple platforms. The cybersecurity firm is also tracking two additional core members: “diencracked” and “Shinigami.”

If TeamPCP is primarily run by one person, law enforcement has a rare opportunity to make a lasting impact with a single arrest.

TeamPCP has collaborated with other cybercriminals, but most of those partnerships were short-lived and ended in a public feud or otherwise failed to get off the ground in any meaningful way, Goody said.

Researchers have linked TeamPCP to extortion crews, dark web forums and affiliates including Lapsus$, ShinyHunters, Vect, DragonForce, BreachForums and “HasanBroker.” TeamPCP listed about 4,000 private code repositories on a dark web forum with an asking price of $95,000.

The actions to date, including unpredictable behavior, indicate motivations beyond financial gain and a “clear desire for notoriety,” Goody said. “They seem to like to make chaos.”

Quist draws the same conclusion from his months-long investigation, noting that it encourages other cybercriminals to get in on the action, at one point offering financial rewards for the largest software supply-chain attack. 

TeamPCP isn’t in the game for extortion payments, he said. “These actors are more interested in the underground street cred they are gaining” and “causing as much damage and mayhem as possible.”

Victims abound, but exposure limited

TeamPCP has been remarkably noisy, opportunistically injecting malware into open-source software for the purpose of stealing credentials for Kubernetes environments, Amazon Web Services, Microsoft Azure, Google Cloud and many other connected services.

The group’s claimed victim list is staggering: Checkmarx, Bitwarden, LiteLLM, Telnyx, Mercor AI, PyTorch Lightning, AntV, SAP, GitHub, TanStack, UiPath, MistralAI, Microsoft DurableTask, Red Hat and Nx Console.

The full collection of packages compromised or poisoned by TeamPCP to date accounts for roughly 500 million weekly downloads combined, according to Quist.

While the breadth of potential downstream compromise flowing from those downloads is substantial, many endpoints infected with those malware-riddled packages aren’t exposed to the internet and less susceptible to attack, he added.

“I don’t think there’s going to be a very extremely large number of victims,” Quist said. “There’s going to be a lot of people who potentially could be compromised and have potentially vulnerable packages in their environment, but that doesn’t necessarily mean they’re in an exploitable position.”

While these incidents have grabbed headlines, TeamPCP hasn’t accumulated payouts nearly as large as other cybercriminals. The broader reputational impact it has wrought, however, is massive.

TeamPCP has publicly claimed more than 10,000 victims and about $90,000 in extortions, according to Quist.

“They might not be making a lot of money, but they are causing a lot of impact,” Goody said. “Their campaigns have been very disruptive.”

How TeamPCP’s operating model targets development

TeamPCP’s victim list has grown as its hijacked open-source repositories on npm, PyPI, GitHub and other outsourced developer tools that are incorporated into upstream code running in production environments.

Developer laptops and other endpoints that are assigned to install, build and publish software widely contain keys and access to source code that create incredibly valuable supply-chain targets for attackers, Amitai Cohen, head of the attack vector intel team at Wiz, explained during a June presentation on TeamPCP at SleuthCon in Arlington, Va. 

The group targets CI runners, which are automated systems that build, test, and publish code. TeamPCP injects malware into the code repositories these runners maintain. When other developers pull that code into their own systems, they unknowingly download the malware alongside it. 

Some of these artifacts, including Python libraries, npm registries and GitHub Actions, are downloaded almost immediately by thousands or millions of developers who’ve set their runners up to consistently pull the latest version, according to Cohen. “We as a security industry have taught them that that is the right thing to do. You want to use the latest version because you want to be protected against vulnerabilities, and obviously you want to benefit from all the latest features.”

That instinct is exactly what TeamPCP exploits. By compromising one company’s CI/CD workflow, the group gains access to every downstream user who automatically pulls that infected code. “This is what allows [TeamPCP] to leverage initial access to some patient zero, some company that had a vulnerability in their CI/CD workflow, in order to gain access to their downstream users,” Cohen said. “That’s just how the software supply chain works. Everything has dependencies upon dependencies upon dependencies.”

Some of the packages compromised by TeamPCP were live for almost 13 hours, but security practitioners have responded by identifying code-injection attacks much quicker now, pulling some compromised repositories within 15 minutes, said Ben Read, director of strategic intelligence at Wiz.

The threat group’s operations remain high-tempo. TeamPCP infects new software packages almost daily, validates compromises and captures sensitive data within 24 hours, according to Wiz researchers.

The threat group has consistently evolved its tactics, developing payloads in JavaScript and Python while spreading from local files to Kubernetes application programming interfaces and bundled software development kits. Most recently, it’s been stealing credentials via custom protocols. 

The group’s ambitions have expanded beyond its own attacks. TeamPCP is also responsible for a self-replicating piece of malware known as Mini Shai-Hulud, which infected hundreds of software packages across open-source registries in back-to-back attack sprees last month. A TeamPCP affiliate published the full source code for the malware on GitHub last month and encouraged other cybercriminals to use it for their own campaigns.

“TeamPCP is going for volume. They are not being discriminating, they’re not necessarily trying to be stealthy or trying to maximize ROI. They’re going for an all-of-the-above strategy,” Read said during the Sleuthcon presentation.

Defensive gaps create openings for attack

TeamPCP’s attack spree has also underscored how difficult it is for organizations to revoke compromised secrets. Multiple victims have experienced recurring infections, sometimes falling prey to TeamPCP three times within a month, because they didn’t rotate secrets properly, Cohen said. 

At its core, these attacks highlight a direct trade-off organizations accept when they update software quickly to fix vulnerabilities, but learn that doing so too quickly could expose them to illegitimate registries containing malware.

TeamPCP has targeted what Aboukhadijeh describes as a “public good,” open-source registries that were never perfect but widely trusted and rarely turned into a point of entry for supply-chain attacks. 

Rapid open source software installation is one of the most dangerous things an organization can do right now, he said, adding that there’s a roughly 1 in 10 chance that any package installed by an organization could trigger an active attack. 

TeamPCP has compromised security scanners, password managers, automation tools, data visualization software, and CI/CD infrastructure across various environments.

And it’s lifted a trove of credentials and other sensitive data from victims.

Researchers like Cohen at Wiz, who have been tracking this attack spree since the beginning, are nearing a breaking point. 

“This is also too hard on us. We’re very tired. I’m sure a lot of people working on this problem space are very tired, and it’s just kind of become untenable,” Cohen said.

“You can’t keep existing in a world where you wake up every morning and some super prevalent package is compromised and everybody’s just going to be using it like nothing,” he added. “We need to start taking this a bit more seriously.”

The post How software development’s speed obsession enabled TeamPCP’s chaos crusade appeared first on CyberScoop.

Google threat hunters spotted yet another Chinese state-sponsored espionage group that for years had burrowed into systems belonging to government and private organizations to steal data across academia, medicine, military, cybersecurity and foreign policy. 

Google Threat Intelligence Group discovered the previously unknown threat group UNC6508, which targeted organizations in the United States and Canada, in late 2025 but traced its earliest known compromise back to September 2023. 

The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to pre-position for potential sabotage, intercept research and steal data with national security implications. These groups working at the behest of China’s government, including UNC6508, operated in stealth for years before authorities or researchers discovered their activity.

“We don’t know the full extent or impact of the campaign,” Patrick Whitsell, senior security engineer at GTIG, told CyberScoop. Researchers said the threat group intruded a medical research university in September 2023, stole credentials and communications, and remained active on the institution’s systems through November 2025 when it was discovered.

Google said it confirmed multiple victims compromised with INFINITERED, a custom backdoor the threat group deployed on targeted networks to steal administrative credentials after it exploited externally facing REDCap (Research Electronic Data Capture) servers.

Researchers still don’t know how UNC6508 gained initial access to the REDCap servers. Google said the survey and database software, which was created at Vanderbilt University and issued multiple patches for critical remote-code execution vulnerabilities throughout 2023, is widely used across the medical research community. 

“Given the breadth of the threat actor’s intelligence collection criteria and their ability to remain undetected within compromised networks for more than a year, we assess the known victims likely represent only a fraction of a larger campaign,” Whitsell said. “We also assess that this highly capable threat actor will remain active and continue to be a threat to the defense, technology and medical industries for the foreseeable future.”

Google said the campaign targeted clinical providers, academic medical centers and U.S. military health institutions, demonstrating advanced capabilities from a threat group that doesn’t currently overlap with any other publicly known groups.

The threat group abused domain compliance rules to steal data, a technique that doesn’t rely on malware or living-off-the-land tools, and routed traffic through U.S.-based IPs to blend in with legitimate traffic, researchers said.

“We have some evidence to suggest this is a large threat group with multiple sub-teams, but this is not confirmed,” Whitsell said.

Like other previously identified China state-sponsored espionage groups, UNC6508 remains active.

Google said it disrupted some of UNC6508’s known infrastructure by disabling an Gmail account it used to exfiltrate data, notified the affected organizations and helped remediate compromises before it published research on UNC6508’s activities.

Whitsell said several unconfirmed instances of compromise remain under investigation.

The post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appeared first on CyberScoop.

The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses.

The post FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service appeared first on SecurityWeek.

The FBI, along with Google and Lumen Technologies, took down a major cybercrime network based in China that was responsible for an estimated $1.9 billion in losses, officials said Friday. 

Outsider, which provided phishing kits and hosted infrastructure for cybercriminals since July 2023, facilitated a wave of phishing attacks against people and businesses in 55 countries, including the United States, the FBI said in a LinkedIn post.

The jointly coordinated effort dubbed “Operation Ghost Hook” netted the seizure of several domains of the group’s core admin servers, a Shopify storefront, roughly $100,000 from Outsider payment wallets and thousands of domains registered through U.S.-based providers, officials said.

The FBI said it also used an Outsider Telegram bot to access information on the cybercrime network’s customers.

“The criminals behind Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims,” Brett Leatherman, assistant director of the FBI’s cyber division, said in a statement.

Authorities traced Outsider’s phishing domains to nearly 3.9 million stolen credit cards.

Google, one of the vendors impersonated by the phishing kits, described Outsider as a massive AI-powered operation. 

Outsider provided its phishing kit, which allowed cybercriminals to create fake sites and phishing campaigns to steal credit cards, bank account credentials and personal data, for a weekly subscription as low as $88 per week, the company said in a civil lawsuit it filed to dismantle the cybercrime network’s infrastructure. 

The China-based group behind the operation encouraged and provided step-by-step instructions for customers to use Gemini and other AI platforms to generate custom code for phishing lures and corresponding sites for illegitimate missed packages, overdue highway tolls, parking violations, issues with a brokerage account or wireless carrier rewards.

“The Outsider software allows scammers to request multiple types of verification from victims, including SMS, PIN, email and app verification,” Google wrote in the lawsuit filed in the U.S. District for the Southern District of New York. “This flexibility enables the enterprise to defeat various forms of authentication security.”

Google said it’s working with AT&T, T-Mobile and Verizon to intercept the spam messages before they reach customers, but these types of phishing attacks are prevalent and have been spreading for years. 

Google is also pushing for legislative action, including a series of bills, to combat these scams, General Counsel Halimah DeLaine Prado wrote in a blog post.

“Litigation alone won’t end this,” she wrote. “As threats evolve, our laws must, too.”

Google said it doesn’t know the real names of the people or entities involved in Outsider, but said the operation is supported by multiple cybercrime groups providing different roles with overlapping infrastructure.

The FBI said the takedown was part of Operation Riptide, an ongoing campaign targeting cybercriminals and the infrastructure and financial networks they use to commit fraud.

The post FBI takes down massive China-based cybercrime network that caused $1.9B in losses appeared first on CyberScoop.

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the start of the year. [...]

Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

A Google security engineer was arrested in New York and charged with crimes related to bets he allegedly placed on Polymarket using confidential information he pulled from Google systems, the Justice Department said Wednesday. 

Michele Spagnuolo, a 36-year-old Italian citizen who lives in Switzerland, is accused of placing multiple trades on the prediction marketplace last year that netted him a profit of more than $1.2 million. He allegedly abused internal access to Google’s nonpublic Year in Search data and placed a series of bets on the most searched people on Google in 2025.

“Today’s charges reinforce a decades-old message: corporate insiders cannot use confidential information to turn a profit in our markets,” Jay Clayton, U.S. attorney for the Southern District of New York, said in a statement Wednesday. “Insider trading compromises the integrity of our markets, and the American people want this greed-driven conduct investigated and prosecuted.”

Spagnuolo was charged with violating the Commodity Exchange Act, wire fraud and money laundering, which carry a combined maximum sentence up to 50 years in prison. 

He was also served with a civil complaint by the Commodity Futures Trading Commission that accused him of insider trading. The government agency is seeking restitution, disgorgement, civil monetary penalties, trading and registration bans and a permanent injunction against further regulation violations. 

Spagnuolo has been employed as a security engineer at Google since 2014, where he built products, specifications and led multiple projects in the information security unit, according to his company bio, which has since been taken down. 

A Google spokesperson said the company is working with law enforcement on its investigation. “The employee accessed our marketing material using a tool available to all employees, but using such confidential information to place bets is a serious breach of our policies,” the spokesperson said in a statement. “We’ve placed the employee on leave and will take the appropriate action.”

Spagnuolo did not respond to a request for comment.

In a complaint unsealed Wednesday, a federal investigator said Spagnulo, who used the “AlphaRaccoon” user name on Polymarket, took deliberate steps to conceal his use of nonpublic information, including efforts to obscure the source and ownership of his proceeds. 

Prosecutors noted that Google’s internal software tool, which provided Spagnuolo access to search trends, bore a banner that stated “Google Confidential” in red text, adding that Spagnuolo confirmed he understood the company’s various confidentiality and ethics policies to access the data. 

Spagnuolo allegedly created his Polymarket account in May 2024 and placed a series of trades between later that year risking approximately $2.75 million on 25 outcomes that the market treated as unlikely.

The FBI said it traced Spagnuolo’s Polymarket account to a cryptocurrency wallet he allegedly used to fund the account and initiate multiple transfers. Spagnuolo is also accused of sending multiple transactions through a cryptocurrency swapping service that were received by an account in his name linked to his Italian government ID card. 

Spagnuolo allegedly changed his Polymarket username to an alphanumeric wallet address in early December, after Google released its Year in Search results and multiple users on Discord and X speculated the person between the account was a Google insider.

The post Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket appeared first on CyberScoop.

New AI Threat Defense platform combines capabilities from Mandiant, Wiz and Gemini to help customers fight AI with AI.

The post Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks appeared first on SecurityWeek.

CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday. 

The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to obscure the botnet’s operations and remain resilient against disruptions.

CrowdStrike and partners took down infrastructure, severed access to the botnet’s most critical services, impeded operation momentum and slowed the attackers’ ability to scale, Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, told CyberScoop.

“The broader goal is sustained pressure that forces the adversary to spend time, resources, and operational energy reconstituting infrastructure instead of targeting victims,” Meyers added. “By exposing tradecraft and sharing intelligence, defenders can harden developer environments, CI/CD pipelines, and software supply chains against similar activity. That raises the operating cost for the adversary and gives defenders an advantage.”

Glassworm has targeted software developers in order to access source code repositories, cloud platforms, integration and delivery processes, and open-source package registries to push malware into the supply chain and trigger compromises downstream. 

The threat group behind the botnet, which is likely based in Russia, according to CrowdStrike, fed malware into VSCode extensions, npm and Python packages and more than 300 GitHub repositories, researchers said. 

Glassworm affected Windows, macOS and Linux systems with data and credential theft, and a remote-access tool called GlasswormRAT.

“What stood out about Glassworm was the operational sophistication around propagation and automation,” Meyers said. “This wasn’t just a smash-and-grab compromise of a package repository. The operation was designed to move through trusted developer workflows in a way that could expand reach very quickly if left unchecked.”

The botnet relied on four layered channels that CrowdStrike disrupted, including the Solana blockchain, BitTorrent’s peer-to-peer network, Google Calendar and virtual private servers hosted by commercial providers. 

“As part of our disruption efforts, we are working with partners to bring more pain to attackers, especially when we see them abusing our products or targeting our users,” John Hultquist, chief analyst at Google Threat Intelligence Group, said in a post on X.

Piotr Kijewski, CEO of the Shadowserver, said the non-profit organization assisted with some analysis and data sharing but noted the disruption was mostly CrowdStrike work.

The countermeasures took down “the connective tissue of the operation to create cascading operational pain,” Meyers said. “This forces the adversary to rebuild, while exposing tradecraft.”

CrowdStrike said the takedown demonstrates how the security industry can effectively thwart supply-chain threats by proactively disrupting the precise infrastructure attackers use without waiting for lengthy judicial processes. 

“When threat actors operate from jurisdictions where law enforcement cooperation is limited or nonexistent, disruption becomes one of the most effective tools available. If you can’t put handcuffs on the operator, you focus on dismantling the infrastructure, trust relationships, and operational dependencies,” Meyers added. 

The security company shared indicators of compromise to help organizations hunt for potential infections in their environments and called for other vendors, law enforcement agencies, platform operators and the open-source ecosystem to muster equal determination in responding to threats in the software supply chain.

“The more visibility and alignment you create across the ecosystem, the harder it becomes for the actor to quietly stand the operation back up,” Meyers said. “You may not eliminate the threat actor entirely, but you can absolutely reduce effectiveness, limit reach, and raise the cost of doing business.”

The post CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain appeared first on CyberScoop.

More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’.

The post Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI appeared first on SecurityWeek.

Google has announced a new AI-powered search tool. I’ve seen many reactions, ranging from questioning how is this better to how will this drive revenue for Google. But I also know that many of us had turned to tools like perplexity.ai as their new go-to search tool. Rather than curating your own topics, we are […]

Foxconn, one of the world’s largest manufacturers of electronics sold by major tech vendors, is recovering from a cyberattack that disrupted some of the company’s factories in North America.

Nitrogen, a ransomware group that’s known for targeting organizations in the manufacturing, construction and technology sectors, claimed responsibility for the attack on its data leak site and said it stole 8 terabytes of data spanning more than 11 million files. 

The threat group posted screenshots of some of the allegedly stolen data and claimed it compromised “confidential instructions, projects and drawings from Intel, Apple, Google, Dell, Nvidia and many other projects.” 

Foxconn is famously known as the primary assembler of Apple iPhones. Apple and the other companies allegedly impacted by the attack did not respond to a request for comment.

A spokesperson for Foxconn confirmed some of its factories in North America suffered a cyberattack, and said its cybersecurity team immediately responded to the breach by implementing additional “measures to ensure the continuity of production and delivery.”

The spokesperson did not answer questions about when the attack occurred or what systems or data was impacted, but noted that “affected factories are currently resuming normal production” as of Tuesday. 

Nitrogen was first observed in 2023, using ALPHV, one of the most prevalent ransomware variants at that time, Cynthia Kaiser, senior vice president at Halcyon’s Ransomware Research Center, told CyberScoop. The group started using stolen code from Conti, another formerly prolific ransomware variant, in 2024 to build its own custom attack tools to hit Windows and VMware server environments, she added.

The threat group has most recently focused on companies in the manufacturing and technology sectors. “However, the most recent cases of claims by Nitrogen do not include a working file listing on the leak site and include mostly older images of files,” Kaiser said. “This raises questions about whether Nitrogen is inflating data-theft claims in an attempt to pressure victims into paying higher ransoms.”

Foxconn hasn’t described the nature of the attack or confirmed the existence of a ransom demand. 

Ismael Valenzuela, vice president of threat research and intelligence at Arctic Wolf Labs, said Nitrogen follows a “consistent playbook, stealing data before encrypting systems so they have leverage on multiple fronts, combining operational disruption with the threat of sensitive information being exposed.”

The threat group’s tactics indicate it’s not opportunistic, but rather “operating with a defined model, focusing on organizations that are easier to access but still critical enough to drive pressure and payment,” Valenzuela added. 

Foxconn, also known as Hon Hai Precision Industry with headquarters in Taiwan, is among the world’s largest companies with $259 billion in revenue last year, the company said. Foxconn’s North American footprint includes multiple factories in Mexico, Wisconsin, Ohio, Texas, Virginia and Indiana.

The post Major tech manufacturer Foxconn confirms cyberattack hit North American factories appeared first on CyberScoop.

Google launched a feature for Android phones Tuesday for dedicated forensic logs about intrusions from sophisticated attacks like those by spyware vendors, in what design partners at Amnesty International hailed as an important first.

The tech giant has been ramping up the new feature, Intrusion Logging, since last year, and has now begun rolling it out.

“The new intrusion logging feature promises to be a major aid to digital forensics researchers undertaking investigations into sophisticated attacks on Android devices,” Amnesty International said in a Tuesday technical briefing. “This is the first time a major device vendor has released a feature specifically to enhance the ability to forensically detect and respond to advanced digital threats.”

To date, independent investigators have relied on records and often short-lived log files that weren’t meant for forensic use, and Amnesty said surveillance groups have grown increasingly aware of those forensic efforts. Intrusion Logging, a feature of Android Advanced Protection Mode, is designed specifically to keep track of possible intrusions for forensic purposes. It keeps records of security incidents like device unlocking, physical access and spyware installation and removal.

Google’s annual security and privacy update for Android phones mentions the feature and its development with Amnesty International, Reporters Without Borders and others. It also touts new protections against banking scam calls, other features for detecting suspicious activity on Android phones, additional privacy safeguards and more.

The firm has been working on the feature since announcing it last year.

“Intrusion Logging enables persistent and privacy-preserving forensics logging to allow for investigation of devices in the event of a suspected compromise,” wrote Eugene Liderman, director of Android security and privacy.

Intrusion Logging joins an expanding slate of features from tech companies to fight sophisticated attacks like those from commercial spyware, among them Apple’s Lockdown Mode and Memory Integrity Enforcement and WhatsApp’s Strict Account Settings.

Intrusion Logging “promises to help shift the balance to the advantage of defenders, providing civil society investigators with the key evidence needed to detect and expose some of the most advanced attacks facing journalists and activists,” said Donncha Ó Cearbhaill, head of the Amnesty International Security Lab, “With Intrusion Logging Google is the first major vendor to proactively address to challenge of detecting advanced attacks on device. By making more consensual forensic data available for researchers, we can make life more difficult for attackers and help civil society seek accountability when their devices are unlawfully targeted by spyware and mobile data extraction tools.”

The feature has some limitations, though, Amnesty said in its technical briefing. It requires Android 16 and is only available for now on Pixel devices; the device has to be linked to a Google account, and the logs may include sensitive information, like browser navigation history, so secure sharing of the logs is important.

The logs may also be deletable by attackers, Ó Cearbhaill told CyberScoop, but he said he understands there are plans to strengthen protections against that in future versions. And lots of attacks would be detectable in the logs where attackers wouldn’t necessarily have the root access needed to try to delete logs, he said.

To enable Intrusion Logging, users need to be using Android Advanced Protection Mode, and can find the feature at Settings > Security & privacy > Advanced Protection > Intrusion Logging. If users suspect some kind of security incident, they’ll need to export and share the logs with a forensic analyst.

The post Google and Amnesty International teamed up to make it harder for spyware vendors to hide appeared first on CyberScoop.

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.

As it does on the second Tuesday of every month, Microsoft today released software updates to address at least 118 security vulnerabilities in its various Windows operating systems and other products. Remarkably, this is the first Patch Tuesday in nearly two years that Microsoft is not shipping any fixes to deal with emergency zero-day flaws that are already being exploited. Nor have any of the flaws fixed today been previously disclosed (potentially giving attackers a heads up in how to exploit the weakness).

Sixteen of the vulnerabilities earned Microsoft’s most-dire “critical” label, meaning malware or miscreants could abuse these bugs to seize remote control over a vulnerable Windows device with little or no help from the user. Rapid7 has done much of the heavy lifting in identifying some of the more concerning critical weaknesses this month, including:

• CVE-2026-41089: A critical stack-based buffer overflow in Windows Netlogon that offers an attacker SYSTEM privileges on the domain controller. No privileges or user interaction are required, and attack complexity is low. Patches are available for all versions of Windows Server from 2012 onwards.
• CVE-2026-41096: A critical RCE in the Windows DNS client implementation worthy of attention despite Microsoft assessing exploitation as less likely.
• CVE-2026-41103: A critical elevation of privilege vulnerability that allows an unauthorized attacker to impersonate an existing user by presenting forged credentials, thus bypassing Entra ID. Microsoft expects that exploitation is more likely.

May’s Patch Tuesday is a welcome respite from April, which saw Microsoft fix a near-record 167 security flaws. Microsoft was among a few dozen tech giants given access to a “Project Glasswing,” a much-hyped AI capability developed by Anthropic that appears quite effective at unearthing security vulnerabilities in code.

Apple, another early participant in Project Glasswing, typically fixes an average of 20 vulnerabilities each time it ships a security update for iOS devices, said Chris Goettl, vice president of product management at Ivanti. On May 11, Apple shipped updates to address at least 52 vulnerabilities and backported the changes all the way to iPhone 6s and iOS 15.

Last month, Mozilla released Firefox 150, which resolved a whopping 271 vulnerabilities that were reportedly discovered during the Glasswing evaluation.

“Since Firefox 150.0.0 released, they have been on a more aggressive weekly cadence for security updates including the release of Firefox 150.0.3 on May Patch Tuesday resolving between three to five CVEs in each release,” Goettl said.

The software giant Oracle likewise recently increased its patch pace in response to their work with Glasswing. In its most recent quarterly patch update, Oracle addressed at least 450 flaws, including more than 300 fixes for remotely exploitable, unauthenticated flaws. But at the end of April, Oracle announced it was switching to a monthly update cycle for critical security issues.

On May 8, Google started rolling out updates to its Chrome browser that fixed an astonishing 127 security flaws (up from just 30 the previous month). Chrome automagically downloads available security updates, but installing them requires fully restarting the browser.

If you encounter any weirdness applying the updates from Microsoft or any other vendor mentioned here, feel free to sound off in the comments below. Meantime, if you haven’t backed up your data and/or drive lately, doing that before updating is generally sound advice. For a more granular look at the Microsoft updates released today, checkout this inventory by the SANS Internet Storm Center.

Google researchers found a zero-day exploit developed by artificial intelligence and alerted the susceptible vendor to the imminent threat before a well-known cybercrime group initiated a mass-exploitation campaign, the company said in a report released Monday.

The averted disaster probably isn’t the first time attackers used AI to build a zero-day, but it is the first time Google Threat Intelligence Group found compelling evidence that this long-predicted and worrying escalation in vulnerability-exploit development is underway.

“We finally uncovered some evidence this is happening,” John Hultquist, chief analyst at GTIG, told CyberScoop. “This is probably the tip of the iceberg and it’s certainly not going to be the last.”

Google declined to identify the specific vulnerability, which has been patched, or name the “popular open-source, web-based administration tool” it affected. It did, however, note that the defect impacted a Python script that allows attackers to bypass two-factor authentication for the service.

Researchers also withheld details about how they discovered the zero-day exploit or the cybercrime group that was preparing to use it for a large-scale attack spree.

The threat group has a “strong record of high-profile incidents and mass exploitation,” Hultquist said, suggesting the attackers are prominent and well-known among cybersecurity practitioners. 

GTIG is fairly confident the threat group was using AI in a meaningful way throughout the entire process, but it has yet to determine if the technology also discovered the vulnerability it ultimately developed into an exploit.

Whichever AI model the attackers used — Google is confident it wasn’t Gemini or Anthropic’s Mythos — left artifacts throughout the exploit code that are inconsistent with human developers. This evidence, which included documentation strings in Python, highly annotated code and a hallucinated but non-existent CVSS score, tipped Google off to the fact AI was heavily involved, Hultquist said. 

GTIG has been warning about and expecting AI-developed exploits to hit systems in the wild, especially after its Big Sleep AI agent found a zero-day vulnerability in late 2024.

“I think the watershed moment was two years ago when we proved this was possible,” Hultquist said, adding that there are probably several other AI developed zero-days in play now. 

Yet, to him, the discovery of a zero-day exploit developed by AI is less concerning than what this single instance forebodes even further.

“The game’s already begun and we expect the capability trajectory is pretty sharp,” Hultquist said. “We do expect that this will be a much bigger problem, that there will be more devastating zero-day attacks done over this, especially as capabilities grow.”

The post Google spotted an AI-developed zero-day before attackers could use it appeared first on CyberScoop.

The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group.

The post Google Detects First AI-Generated Zero-Day Exploit appeared first on SecurityWeek.

Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. [...]