Many versions of Android, including Android 10, have a weakness dubbed StrandHogg that can lead to credential phishing and other malicious actions.
Google is now offering a top bounty of $1 million for a full chain remote code execution exploit that gains persistence on the Titan M chip on Pixel phones.
The OpenTitan chip project launched by Google and several partners will produce open-source designs for secure root of trust hardware.
A month after the Kazakh government began performing HTTPS interception on some of its citizens, Google and Mozilla have blocked that effort by dropping trust for the government's root certificate.
In the coming months, Google and Mozilla will remove the Extended Validation security indicators from the browser address bars.