Unbiased AI-powered news
Security researcher Ben Ilkashi showed that a malicious SVG file blocked by Gmail can be hosted on Google Drive and shared via link without re-scanning, receiving a "Scanned by Gmail" label. Google confirmed no fix timeline was available as of January 22 and is updating its user interface for safety indicators.
androidpolice.comA security researcher demonstrated that Gmail can apply a "Scanned by Gmail" label to emails containing links to malicious files hosted on Google Drive even after the same file was blocked by Gmail's attachment scanner, Forbes reported. Ben Ilkashi, a security researcher at Pentera Labs, exclusively shared his research with Forbes.
Ilkashi uploaded a malicious SVG sample that Gmail had already flagged as "virus detected" and prevented from being sent directly.
He then configured the file on Google Drive to be accessible to anyone with the share link. Gmail did not re-scan the malicious file hosted on Google Drive when included via link in a new email. Instead, it applied a "Scanned by Gmail" label.
Google Drive marks malicious files as "Flagged for abuse," prevents anyone aside from the author from downloading them, and shows a warning interstitial. Pentera Labs published Ilkashi’s research following a 90-day responsible disclosure period. On January 22, Google’s Trust and Safety unit confirmed that no fix timeline was available, according to Ilkashi.
The unit also stated that the decision regarding disclosure timing was up to Pentera Labs. A proof-of-concept video demonstrated the method using a crafted ransomware executable that employs xor-based encryption. txt in the same directory.
Google Drive has an estimated one billion active users. Google is actively updating the user interface to clarify how safety checks are displayed when files are shared via Google Drive links. " The research highlighted an architectural misalignment within Google’s unified security framework.
This enables malware otherwise explicitly blocked by Gmail’s attachments scanner to be hosted on Drive and delivered alongside a "Scanned by Gmail" label of trust. The flaw stems from Gmail granting implicit trust to files originating from Google Drive.
Single source — no framing comparison available.
forbes.comUnder Secretary Jeffery Kessler told a congressional hearing on July 15, 2025, that very few H200 AI chips reached China and Hong Kong. Licenses were issued earlier in 2025 after a December 2024 statement by President Trump on revenue sharing.
globalnews.caGovernor Kathy Hochul issued an executive order July 14 imposing a one-year pause on new permits for data centers using 50 megawatts or more of electricity. The order directs studies on grid and environmental effects while leaving existing projects unaffected.
sbs.com.auTwenty-six current and former Meta employees filed a federal lawsuit Monday alleging the company used AI systems to select workers for its May layoffs in a way that penalized those on protected leave. The plaintiffs seek to block their July 22 terminations and request an audit of…