Google introduces Device Bound Session Credentials (DBSC) in open beta to prevent session cookie theft and unauthorized account access. Additionally, Googleβs Project Zero is trialing a new reporting transparency initiative to reduce upstream patch gaps and improve vulnerability response times. #DBSC #GoogleProjectZero
Keypoints
- Googleβs DBSC binds user sessions to a device, enhancing security against cookie theft attacks.
- DBSC improves session integrity by making cookie reuse more difficult for attackers.
- Expanded support for passkeys and new admin controls are now available to over 11 million Google Workspace users.
- The shared signals framework (SSF) enables real-time security alerts sharing among systems.
- Google Project Zeroβs Reporting Transparency aims to close the upstream patch gap by publicly sharing vulnerability reports early.
Read More: https://thehackernews.com/2025/07/google-launches-dbsc-open-beta-in.html