ALL NEWS

Research

In-depth security research and analysis

OSV-Scanner V2 HTML output interface showing container vulnerability analysis with severity filters and layer details
Research

Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source

Low
Mar 17Google Security Blog

Titan Security Keys now available in more countries

Low
Mar 26Google Security Blog
Google Sec-Gemini v1 cybersecurity AI model announcement banner with abstract security-themed graphics
Research

Google announces Sec-Gemini v1, a new experimental cybersecurity model

Low
Apr 4Google Security Blog
Android 16 Advanced Protection settings screen showing security features and activation toggle
Research

Advanced Protection: Google’s Strongest Security for Mobile Devices

Critical
May 13Google Security Blog
Chrome settings screen showing Always Use Secure Connections toggle for HTTPS-First Mode
Research

Advancing Protection in Chrome on Android

High
Jul 8Google Security Blog

Android’s pKVM Becomes First Globally Certified Software to Achieve Prestigious SESIP Level 5 Security Certification

Critical
Aug 12Google Security Blog
DEF CON 33 GenSec CTF banner showcasing AI cybersecurity collaboration between Google and Airbus
Research

Accelerating adoption of AI for cybersecurity at DEF CON 33

Critical
Sep 24Google Security Blog
Chrome security settings showing 'Always Use Secure Connections' toggle for HTTPS enforcement
Research

HTTPS by default

Low
Oct 28Google Security Blog

Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing

High
Nov 20Google Security Blog
Android in-call scam warning alert on a mobile banking app screen with a 30-second pause timer.
Research

Android expands pilot for in-call scam protection for financial apps

Critical
Dec 3Google Security Blog

Further Hardening Android GPUs

Critical
Dec 9Google Security Blog

HTTPS certificate industry phasing out less secure domain validation methods

Critical
Dec 10Google Security Blog

Policy and Disclosure: 2025 Edition

Posted by Tim Willis, Google Project Zero In 2021, we updated our vulnerability disclosure policy to the current "90+30" model. Our goals were to drive faster yet thorough patch development, and improve patch adoption. While we’ve seen progress, a significant challenge remains: the time it takes for a fix to actually reach an end-user's device.This delay, often called the "patch gap," is a complex problem. Many consider the patch gap to be the time between a fix bei

Critical
Jul 29Google Project Zero

Welcome to the new Project Zero Blog

While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero to dust off old blog posts that never quite saw the light of day. And while we wish we could say the techniques they cover are no longer relevant, there is still a lot of work that needs to be done to protect users against zero days. Our new blog will continue to shine a light on the capabilities of atta

Dec 16Google Project Zero

A Cyberattack Was Part of the US Assault on Venezuela

We don't have many details: President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro. If true, it would mark one of the most public uses of U.S. cyber power against another nation in recent memory. These operations are typically highly classified, and the U.S. is considered one of the most advanced nations in cy

High
Jan 6Schneier on Security

The Wegman’s Supermarket Chain Is Probably Using Facial Recognition

The New York City Wegman's is collecting biometric information about customers.

Jan 7Schneier on Security