Unbiased AI-powered news
Security researcher Ben Ilkashi identified an architectural misalignment that allows malicious files blocked by Gmail to be delivered via Google Drive with a "Scanned by Gmail" label. A second flaw permits bypassing of Google Drive's incomplete scan warnings when files are accessed through Gmail.
Substrate placeholder — needs reviewA security researcher has demonstrated that attackers can use Google Drive to deliver malicious files that bypass Gmail's attachment scanner and appear with a "Scanned by Gmail" label. Ben Ilkashi, a security researcher at Pentera Labs, reported the flaw after a 90-day responsible disclosure period.
The issue was first reported through the Google Bug Hunters program on December 14, 2025. Google confirmed it was a duplicate of an internally tracked issue, and on January 22 its Trust and Safety unit stated no fix timeline was available.
How the First Flaw Works Ilkashi found that a malicious SVG file blocked by Gmail with a "virus detected" label could still be uploaded to Google Drive. Google Drive did not classify the file as malicious. When the file was shared via a link in a new Gmail message, Gmail did not rescan it and applied the "Scanned by Gmail" label.
The researcher said this occurs because Gmail grants implicit trust to files originating from Google Drive within its ecosystem. As a result, standard verification steps are bypassed. The malicious payload inherits the safe status of its storage container.
Ilkashi also identified a separate issue involving files labeled "Blocked for security reasons" by Gmail rather than identified as viruses. When such a file is uploaded to Google Drive and not flagged for abuse, attaching its share link in Gmail presents it with the "Scanned by Gmail" label and no warning.
Users could download the file directly from Gmail's endpoint or file preview without any warning page or popup. Accessing the same file directly through Drive did display the expected warning. Ilkashi said this represents a flaw in the implementation of the Google Drive file download mechanism within Gmail's endpoint.
Google Drive has an estimated 1 billion active users. The researcher stated the misalignment between the services' scanning mechanisms could affect nearly every individual with a Gmail account. Ilkashi concluded that the findings demonstrate Gmail and Drive file handling mechanisms are not aligned.
He said this allows attackers to exploit gaps so that Google's services serve as a convincing delivery infrastructure for malware. Google has not provided a public update on remediation timelines for either issue as of May 12, 2026.
Single source — no framing comparison available.
news.sky.comThe European Commission is reviewing expert recommendations for phased restrictions on children's social media access. President Ursula von der Leyen said new legislation could be proposed after the summer.
The European Union sanctioned nine people and four entities on July 13, 2026. Britain sanctioned 24 people and entities the same day over a network active since 2010.
globalnews.caTwenty-two member states pledged 30 to 35 gigawatts of new capacity by 2028 under the bloc's first tripartite deal. The European Commission will oversee annual progress tracking through 2028 as part of the Affordable Energy Plan.