At Google, we’ve long invested in ways to provide you with helpful context about information you see online. Now, as generative media becomes increasingly prevalent and high-fidelity, we are deploying …
Homepage-Fragments
Increasing speed of discovery Cyril Zipfel, professor of Molecular & Cellular Plant Physiology at the University of Zurich and Sainsbury Lab, saw research timelines shrink drastically. They used …
Trail of Bits is publicly disclosing two vulnerabilities in elliptic , a widely used JavaScript library for elliptic curve cryptography that is downloaded over 10 million times weekly and is used by …
Posted by Mateusz Jurczyk, Google Project Zero Welcome back to the Windows Registry Adventure! In the previous installment of the series , we took a deep look into the internals of the regf hive …
Trail of Bits has developed constant-time coding support for LLVM , providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related …
Guest post by Dillon Franke, Senior Security Engineer , 20% time on Project Zero Every second, highly-privileged MacOS system daemons accept and process hundreds of IPC messages. In some cases, these …
Scientists are using AlphaFold in their research to strengthen an enzyme thatâs vital to photosynthesis, paving the way for more heat-tolerant crops. As global warming accompanies more droughts and …
ai-research
EN
Strengthening our partnership with the UK government to support prosperity and security in the AI era
AI presents an opportunity to build a more prosperous and secure world. The UK has already laid a strong foundation to seize this moment and is uniquely positioned to translate AI innovation into …
ai-research
EN
FACTS Benchmark Suite: Systematically evaluating the factuality of large language models
Large language models (LLMs) are increasingly becoming a primary source for information delivery across diverse use cases, so itâs important that their responses are factually accurate. In order to …
Today, we’re announcing an expanded partnership with the UK AI Security Institute (AISI) through a new Memorandum of Understanding focused on foundational security and safety research, to help …
Posted by Mateusz Jurczyk, Google Project Zero In the first three blog posts of this series, I sought to outline what the Windows Registry actually is, its role, history, and where to find further …
Posted by Mateusz Jurczyk, Google Project Zero In the previous blog post , we focused on the general security analysis of the registry and how to effectively approach finding vulnerabilities in it. …
Posted by Tim Willis, Google Project Zero In 2021, we updated our vulnerability disclosure policy to the current “90+30” model. Our goals were to drive faster yet thorough patch …
Posted by Jann Horn, Google Project Zero Introduction In early June, I was reviewing a new Linux kernel feature when I learned about the MSG_OOB feature supported by stream-oriented UNIX domain …
Introduction Some time in 2024, during a Project Zero team discussion, we were talking about how remote ASLR leaks would be helpful or necessary for exploiting some types of memory corruption bugs, …
Let’s say an environmental scientist is studying whether exposure to air pollution is associated with lower birth weights in a particular county. They might train a machine-learning model to estimate …
Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being …
Introduction I’ve recently been researching Pixel kernel exploitation and as part of this research I found myself with an excellent arbitrary write primitive…but without a KASLR leak. As …
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform …
In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of …
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming …
Hunters, saddle up — adventure awaits in the cloud. Journey into the world of Monster Hunter Stories as Capcom’s acclaimed role-playing classics join GeForce NOW . Monster Hunter Stories and Monster …
A prolific cybercriminal group that calls itself “ Scattered LAPSUS$ Hunters ” has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major …
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: …
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already …