A viral story claims that Google has warned all 2.5 billion Gmail users about account risks due to a recent Salesforce breach, but this is false; no such warning exists.
Google has now responded that “unfortunately, several inaccurate claims surfaced this week incorrectly claiming we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false.”
The company is concerned that the viral nature of the story is creating a “dangerous” sense of panic amongst users. “While it’s always the case that phishers are looking for ways to infiltrate inboxes,” I was told, “our protections continue to block more than 99.9% of phishing and malware attempts from reaching users.”
That doesn’t mean Google and Gmail accounts are not at risk — of course they are. They remain a prime target for phishing and other attacks — but that’s business as usual. They are not at risk en masse because of a data breach within its B2B ad systems.
Google said, “Gmail’s protections are strong and effective, and claims of a major Gmail security warning are false. We want to reassure our users that Gmail’s protections are strong and effective. Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false.
“While it’s always the case that phishers are looking for ways to infiltrate inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from reaching users.
“Security is such an important item for all companies, all customers, all users — we take this work incredibly seriously. Our teams invest heavily, innovate constantly, and communicate clearly about the risks and protections we have in place. It’s crucial that conversation in this space is accurate and factual.
“As best practices for additional protection, we encourage users to use a secure password alternative like Passkeys, and to follow these best practices to spot and report phishing attacks.”
The company recommends passkeys and a strong form of two-step verification, which means anything but SMS one-time codes. An authenticator app is best. But it’s passkeys that are the real stronghold for accounts. They can’t be bypassed or stolen, and they ensure only someone with physical access to your unlocked devices can access your accounts — they can’t be used remotely. You should also ensure you have a strong, unique password that’s not reused anywhere else.