Skip to content
Threat Feed
high advisory updated

Google Security Updates — July 2026

Roundup of Google security advisories published in July 2026.

What's new

  • l2 added CVE-2026-15109 +2; chrome version < 150.0.7871.115; OS macos Jul 9, 14:29 via anssi
  • l1 new product Jul 7, 20:56 via dark-reading
  • l1 OS android Jul 7, 15:42 via cccs
  • l2 google kubernetes engine version GKE; google cloud platform version GCP) Audit Logs Jul 6, 16:55 via elastic
  • l1 OS linux Jul 6, 16:53 via elastic

Aggregated Google security advisories for July 2026. CVEs from this cycle are folded into the list below as they are published.

Recommendation

Review affected products and apply Google's July 2026 security updates.

Indicators of compromise

1

domain

2

file_name

2

file_path

12

url

TypeValue
urlhttps://www.recordedfuture.com/research/from-castleloader-to-castlerat-tag-150-advances-operations
urlhttps://peter.sh/experiments/chromium-command-line-switches/
urlhttps://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1185/browser_unusual_flag/castle_chrome_shell32.log
file_nameLocal State
file_nameLogin Data
file_path*\temp\*
urlhttps://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer
file_path*\AppData\Local\Google\Chrome\User Data\Default\Login Data
urlhttps://x.com/suyog41/status/1825869470323056748
urlhttps://g0njxa.medium.com/from-vietnam-to-united-states-malware-fraud-and-dropshipping-98b7a7b2c36d
domainapps.googleusercontent.com
urlhttps://support.google.com/a/answer/175197
urlhttps://support.google.com/a/answer/7587183
urlhttps://support.google.com/a/answer/7061566
urlhttps://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-google_workspace.html
urlhttps://www.elastic.co/security-labs/google-workspace-attack-surface-part-one
urlhttps://www.elastic.co/security-labs/google-workspace-attack-surface-part-two