Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google Cloud Application Integration phishing campaign

Campaign
First reported
Last updated
Happening score
H score 47
1 unique sources, 1 articles

Summary

Hide ▲

An active phishing campaign abused Google Cloud Application Integration to send messages from a legitimate Google address and push recipients toward a fake Microsoft login page for credential theft. Over 14 days in December 2025, attackers sent 9,394 emails to about 3,200 customers across the U.S., Asia-Pacific, Europe, Canada, and Latin America. The operation used storage.cloud.google[.]com and googleusercontent[.]com to evade filters, and Google has blocked the abuse and is taking further steps.

Related Happenings

Chrome extension PUP distribution network with fake organic traffic

Malware Activity
H score18 First: 15.06.2026 14:07 Last: 15.06.2026 14:07 Sources 1

About this happening: A network of **152 Google Chrome extensions** is distributing a **potentially unwanted program (PUP) family** through new-tab live-wallpaper add-ons, creating a broad browser-base...

Gmail adds enterprise E2EE on Android and iOS

Security Tool/Service
H score15 First: 13.04.2026 11:31 Last: 13.04.2026 11:31 Sources 1

About this happening: **Google Gmail** now offers **end-to-end encryption (E2EE)** for **enterprise users** on **Android and iOS**, adding a concrete privacy control for mobile email. The rollout matte...

Google Gmail adds native end-to-end encryption on Android and iOS for enterprise users

Security Tool/Service
H score11 First: 10.04.2026 13:44 Last: 10.04.2026 13:44 Sources 1

About this happening: Google has rolled out **native Gmail end-to-end encryption** on **Android** and **iOS**, letting enterprise users read and compose encrypted mail in the app without extra tools. T...

QuickLens - Search Screen with Google Lens hit by network compromise

Incident
H score57 First: 28.02.2026 21:18 Last: 28.02.2026 21:18 Sources 1

About this happening: The **QuickLens - Search Screen with Google Lens** Chrome extension was **compromised** and used to **push malware** to about **7,000 users**, creating risk of **credential theft*...

Google confidential AI materials theft and upload

Data Leak
H score31 First: 31.01.2026 19:33 Last: 31.01.2026 19:33 Sources 1

About this happening: Google's **confidential AI materials** were stolen and uploaded to a **personal Google Cloud account**, exposing over **2,000 pages** of sensitive design information. The leak cov...

Timeline

  1. 02.01.2026 11:14 2 articles · 6mo ago

    Google Cloud Application Integration phishing campaign disclosed

    Initial Disclosure

    Cybersecurity researchers disclosed a phishing campaign that abused Google Cloud's Application Integration Send Email task to send messages from noreply-application-integration@google[.]com, impersonating routine Google-generated notices and routing victims through storage.cloud.google[.]com and googleusercontent[.]com to a fake Microsoft login page for credential theft. The activity targeted approximately 3,200 customers with 9,394 phishing emails over a 14-day period observed in December 2025, with affected organizations in the U.S., Asia-Pacific, Europe, Canada, and Latin America, and Google subsequently blocked the phishing efforts and said it was taking more steps to prevent further misuse.

    Show sources