Patches Accelerate as AWS Outage and Supply‑Chain Hits Test Resilience

Major AWS Outage Disrupts Amazon, Prime Video, Fortnite

⚠️ AWS experienced a widespread outage affecting multiple services in the US-EAST-1 region, causing elevated error rates and latencies across key APIs. The disruption, tied to a DNS resolution issue for the DynamoDB API endpoint and subsequent network load balancer problems, interrupted login and content services for platforms such as Amazon, Prime Video, Fortnite, Canva and Perplexity. AWS reported mitigation steps and later declared services restored after extended recovery efforts.

AWS US-EAST-1 Outage Disrupts Major Sites and Apps

🚨 An AWS outage in the US-EAST-1 region caused widespread disruptions across multiple consumer services, producing elevated error rates and higher latencies. Major platforms including Amazon, PrimeVideo, Fortnite, Perplexity, and Canva reported failures ranging from login and chat outages to impaired editing functionality. AWS acknowledged the incident on its Health page and said engineers were investigating and mitigating the issue. After roughly 45 minutes some services began recovering, though many users still experienced intermittent problems.

Google Cloud G4 VMs: NVIDIA RTX PRO 6000 Blackwell GA

🚀 The G4 VM is now generally available on Google Cloud, powered by NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs and offering up to 768 GB of GDDR7 memory per instance class. It targets latency-sensitive and regulated workloads for generative AI, real-time rendering, simulation, and virtual workstations. Features include FP4 precision support, Multi-Instance GPU (MIG) partitioning, an enhanced PCIe P2P interconnect for faster multi‑GPU All-Reduce, and an NVIDIA Omniverse VMI on Marketplace for industrial digital twins.

G4 VMs: High-performance P2P Fabric for Multi‑GPU Workloads

🚀 Google Cloud's newly GA G4 VMs combine NVIDIA RTX PRO 6000 Blackwell GPUs with a custom, software-defined PCIe fabric to enable high-performance peer-to-peer (P2P) GPU communication. The platform accelerates collective operations like All-Gather and All-Reduce without code changes, delivering up to 2.2x faster collectives. For tensor-parallel inference, customers can see up to 168% higher throughput and up to 41% lower inter-token latency. G4 integrates with GKE Inference Gateway for horizontal scaling and production deployments.

AI Hypercomputer Update: vLLM on TPUs and Tooling Advances

🔧 Google Cloud’s Q3 AI Hypercomputer update highlights inference improvements and expanded tooling to accelerate model serving and diagnostics. The release integrates vLLM with Cloud TPUs via the new tpu-inference plugin, unifying JAX and PyTorch runtimes and boosting TPU inference for models such as Gemma, Llama, and Qwen. Additional launches include improved XProf profiling and Cloud Diagnostics XProf, an AI inference recipe for NVIDIA Dynamo, NVIDIA NeMo RL recipes, and GA of the GKE Inference Gateway and Quickstart to help optimize latency and cost.

Design Patterns for Scalable AI Agents on Google Cloud

🤖 This post explains how System Integrator partners can build, scale, and manage enterprise-grade AI agents using Google Cloud technologies like Agent Engine, the Agent Development Kit (ADK), and Gemini Enterprise. It summarizes architecture patterns including runtime, memory, the Model Context Protocol (MCP), and the Agent-to-Agent (A2A) protocol, and contrasts managed Agent Engine with self-hosted options such as Cloud Run or GKE. Customer examples from Deloitte and Quantiphi illustrate supply chain and sales automation benefits. The guidance highlights security, observability, persistent memory, and model tuning for enterprise readiness.

Dataproc 2.3 on Google Compute Engine: Lightweight Security

🔐 Dataproc 2.3 on Google Compute Engine provides a streamlined image that includes only the essential core components for Spark and Hadoop, reducing the attack surface and simplifying compliance. The image is FedRAMP High compliant and leverages both automated CVE remediation and manual engineering intervention for complex fixes. Optional tools like Flink, Hudi, Ranger, and Zeppelin are available on-demand during cluster creation, or can be pre-baked into custom images to speed provisioning while preserving the security benefits of the lightweight base.

Google Named Leader in 2025 IDC MarketScape for GenAI

🏆 Google Cloud announced it was named a Leader in the 2025 IDC MarketScape for Worldwide GenAI Life-Cycle Foundation Model Software, spotlighting the Gemini model family and the Vertex AI platform. The post highlights Gemini 2.5’s expanded “thinking” capabilities and new cost controls such as thinking budgets and thought summaries for improved auditability. It also underscores native multimodality, creative variants like Nano Banana, developer tooling including the Gemini CLI, and enterprise features for customization, grounding, security, and governance.

AI-Powered Phishing Detection: Next-Gen Security Engine

🛡️ Check Point introduces a continuously trained AI engine that analyzes website content, structure, and authentication flows to detect phishing with high accuracy. Integrated with ThreatCloud AI, it delivers protection across Quantum gateways, Harmony Email, Endpoint, and Harmony Mobile. The model learns from millions of domains and real-time telemetry to adapt to new evasion techniques. Early results indicate improved detection of brand impersonation and credential-harvesting pages.

SharePoint Flaws Led to Breach at Kansas City Nuclear Plant

🔒 A foreign threat actor exploited unpatched Microsoft SharePoint vulnerabilities to infiltrate the Kansas City National Security Campus (KCNSC), which produces most non‑nuclear components for U.S. nuclear weapons. Honeywell FM&T, which manages the site for the NNSA, and the Department of Energy did not respond to requests for comment. Federal responders, including the NSA, were onsite in early August after Microsoft issued fixes on July 19. Attribution remains disputed between Chinese-linked groups and possible Russian actors; there is no public evidence that classified information was taken.

75,000+ WatchGuard Firebox Devices Vulnerable to RCE

⚠️ Nearly 76,000 WatchGuard Firebox network appliances exposed on the public internet remain vulnerable to CVE-2025-9242, a critical (9.3) out-of-bounds write in the iked process that handles IKEv2 VPN negotiations. The flaw can be exploited without authentication by sending specially crafted IKEv2 packets to devices configured with dynamic gateway peers, potentially enabling remote code execution. WatchGuard has published patched releases and urges administrators to upgrade to supported versions immediately; 11.x is end-of-support and will not receive fixes.

CISA: Windows SMB Privilege Escalation Actively Exploited

🔒 CISA warns that threat actors are actively exploiting a high-severity Windows SMB vulnerability tracked as CVE-2025-33073, which can allow elevation to SYSTEM on unpatched machines. Microsoft patched the flaw in its June 2025 Patch Tuesday release, citing an improper access control weakness that can be abused over a network. The bug affects Windows Server, Windows 10 and Windows 11 up to 24H2. Federal agencies must remediate within three weeks under BOD 22-01, and all organizations are urged to apply the update immediately.

GlassWorm Worm Infects OpenVSX and VS Code Extensions

🛡️ A sophisticated supply-chain campaign called GlassWorm is propagating through OpenVSX and Microsoft VS Code extensions and is estimated to have about 35,800 active installs. The malware conceals malicious scripts using invisible Unicode characters, then steals developer credentials and cryptocurrency wallet data while deploying SOCKS proxies and hidden VNC clients for covert access. Operators rely on the Solana blockchain for resilient C2, with Google Calendar and direct-IP fallbacks.

Microsoft Revokes 200+ Fraudulent Code-Signing Certificates

🔒 Microsoft Threat Intelligence has revoked more than 200 code-signing certificates that were fraudulently used to sign counterfeit Microsoft Teams installers delivering a persistent backdoor and ransomware. The campaign, tracked as Vanilla Tempest (also known as Vice Spider/Vice Society), employed SEO poisoning and malvertising to lure users to spoofed download sites hosting fake MSTeamsSetup.exe files that deployed the Oyster backdoor and ultimately Rhysida ransomware. Microsoft says the actor abused Trusted Signing and services such as SSL.com, DigiCert and GlobalSign to sign malicious binaries. A fully enabled Microsoft Defender Antivirus detects and blocks these threats, and Microsoft provides guidance through Microsoft Defender for Endpoint for mitigation and investigation.

CISA Adds Five Exploited Bugs Including Oracle EBS SSRF

⚠️ CISA added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming CVE-2025-61884 — an SSRF in the Runtime component of Oracle E-Business Suite — is being weaponized in the wild. The agency warns CVE-2025-61884 is remotely exploitable without authentication and follows active exploitation of CVE-2025-61882, a critical RCE bug. The KEV update also includes high-severity issues in Microsoft Windows SMB Client, Kentico Xperience CMS, and Apple JavaScriptCore, and FCEB agencies must remediate them by November 10, 2025.

New Russian COLDRIVER Malware: NOROBOT and ROBOTs Variants

🤖 Google Threat Intelligence Group (GTIG) attributes a rapid malware retooling to the Russia-aligned COLDRIVER group after the May 2025 LOSTKEYS disclosure. The campaign uses a COLDCOPY “ClickFix” lure that coerces users to run a malicious DLL via rundll32; the DLL family is tracked as NOROBOT. Early NOROBOT variants fetched a noisy Python backdoor named YESROBOT, which was quickly replaced by a lighter, extensible PowerShell backdoor called MAYBEROBOT. GTIG published IOCs, YARA rules, and protective measures including Safe Browsing coverage and targeted alerts.

Weekly Recap: F5 Breach, Linux Rootkits, and Trends

🔒 This weekly recap highlights long-lived, stealthy intrusions and emerging tactics that are reshaping defender priorities. Chief among them, F5 disclosed a year-long breach involving the BRICKSTORM malware and stolen BIG-IP source material, while researchers uncovered new Linux rootkits such as LinkPro and campaigns abusing blockchain smart contracts for malware delivery. The report urges inventorying edge devices, prioritizing patches, and improving detection, baselining, and intelligence sharing.

Hackers Leak Personal Data of Hundreds of US Agents

🔓 A hacking collective known as The Com has posted alleged personal details — names, addresses, and phone numbers — of hundreds of US government employees on private Telegram channels. Reporting by 404 Media indicates spreadsheets containing roughly 680 DHS entries, over 170 FBI email addresses, and more than 190 Department of Justice records were shared; the origin of the information is unclear. The group, which has ties to known ransomware and extortion actors, suggested further doxing and even solicited criminal collaboration, raising concerns about threats and physical safety for affected personnel and their families.

Scattered LAPSUS$ Hunters: Recent Activity and Risks

🚨 Unit 42 observed renewed activity from Scattered LAPSUS$ Hunters in early October 2025, including leaked data claims, a defaced clearnet leak site, and announcements of an extortion-as-a-service offering. The actors set a self-imposed ransom deadline of Oct. 10, 2025 and claimed to have released data allegedly from six victim companies across aviation, energy and retail. Unit 42 recommends organizations prepare EaaS incident playbooks and engage third-party responders.

Salt Typhoon Exploits Citrix NetScaler in Global Attacks

🔒In a global intrusion tracked by Darktrace, the China-linked group Salt Typhoon exploited a Citrix NetScaler Gateway vulnerability to gain access and maintain persistence. Attackers employed DLL sideloading to deploy the SNAPPYBEE (Deed RAT) backdoor alongside legitimate antivirus executables, then moved laterally to Citrix Virtual Delivery Agent hosts while obscuring origin via SoftEther VPN infrastructure. C2 channels used HTTP (with Internet Explorer user-agent headers and URIs like "/17ABE7F017ABE7F0") and unidentified TCP protocols; the domain aar.gandhibludtric[.]com has prior links to the group. Darktrace emphasised the need for anomaly-based behavioural detection to surface such stealthy activity early.

CISA Adds Five CVEs to Known Exploited Vulnerabilities

🚨 CISA added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation: CVE-2022-48503 (Apple), CVE-2025-2746 and CVE-2025-2747 (Kentico Xperience Staging Sync Server), CVE-2025-33073 (Microsoft Windows SMB Client), and CVE-2025-61884 (Oracle E-Business Suite SSRF). These flaws include authentication bypasses, improper access control, and SSRF, which are frequent attack vectors and pose significant risks. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate identified KEV items by the required due dates; CISA strongly urges all organizations to prioritize timely remediation as part of their vulnerability management practice.

China Accuses U.S. of Attacking National Time Authority

🔍 China’s Ministry of State Security has accused the U.S. National Security Agency of conducting cyber intrusions against the National Time Service Center in Xi'an, alleging activity beginning in March 2022. The statement says the campaign initially exploited vulnerabilities in employees’ mobile phones and later affected center computers. Beijing warned that the center’s role in providing official time underpins communications, finance and power systems, and that interference could cause major disruptions. U.S. officials did not immediately respond to the allegation.

Legacy Flaws in Network Edge Devices Threaten Orgs Today

🔒 Enterprises' network edge devices — firewalls, VPNs, routers, and email gateways — are increasingly being exploited due to longstanding 1990s‑era flaws such as buffer overflows, command and SQL injections. Researchers tracked dozens of zero‑day exploits in 2024 and continuing into 2025 that affected vendors including Fortinet, Palo Alto Networks, Cisco, Ivanti, and others. These appliances are attractive targets because they are remotely accessible, often lack endpoint protections and centralized logging, and hold privileged credentials, making them common initial access vectors for state‑affiliated actors and ransomware groups.

China Accuses NSA of Multi-Stage Attack on NTSC Systems

🕒 The Chinese Ministry of State Security (MSS) has accused the U.S. National Security Agency (NSA) of a "premeditated" multi-stage cyber intrusion targeting the National Time Service Center (NTSC), which manages Beijing Time. The MSS says the campaign began with SMS-based compromises of staff devices in March 2022 and escalated through credential reuse and a deployed "cyber warfare platform" between August 2023 and June 2024. According to the statement, the platform employed 42 specialized tools, forged digital certificates, and high-strength encryption while routing traffic through VPSes across the U.S., Europe, and Asia; Chinese agencies say they detected, neutralized the activity, and reinforced defenses.

Developers leaking secrets via VSCode and OpenVSX extensions

🔒 Researchers at Wiz found that careless developers published Visual Studio extensions to the VSCode Marketplace and OpenVSX containing more than 550 validated secrets across over 500 extensions, including API keys and personal access tokens for providers such as OpenAI, AWS, GitHub, Azure DevOps, and multiple databases. The primary cause was bundled dotfiles (notably .env) and hardcoded credentials in source and config files, with AI-related configs and build manifests also contributing. Microsoft and OpenVSX collaborated with Wiz on coordinated remediation: notifying publishers, adding pre-publication secrets scanning, blocking verified secrets, and prefixing OVSX tokens to reduce abuse.

Muji Halts Japan Online Sales After Supplier Ransomware

🔒 Muji has temporarily taken its Japan online store offline after a ransomware attack disrupted logistics systems at its delivery partner, Askul. The outage affects browsing, purchases, order histories in the Muji app, and some web content; Muji is investigating which shipments and pre-attack orders were impacted and will notify affected customers by email. Askul confirmed a ransomware infection suspended orders, shipping, and several customer services while it investigates potential data exposure; international Muji stores remain operational.

Rhysida Ransomware Group Lists German Manufacturer Geiger

🔒 On October 17, the ransomware group Rhysida posted the German machine manufacturer Geiger on a darknet victims list, claiming to offer data stolen from the company. The attackers set an asking price of 10 BTC (roughly €1 million) and indicated a sale deadline of October 24, 2025, without specifying the scope or types of data. Geiger has not publicly responded to the claim. Security researchers characterize Rhysida as financially motivated and likely operating from Russia or the CIS.

Analyzing ClickFix: Why Browser Copy-Paste Attacks Rise

🔐 ClickFix attacks trick users into copying and executing malicious code from a webpage—often presented as a CAPTCHA or a prompt to 'fix' an error—so the payload runs locally without a download. Researchers link the technique to Interlock and multiple public breaches and note delivery has shifted from email to SEO poisoning and malvertising. The articles says clipboard copying via JavaScript and heavy obfuscation let these pages evade scanners, and that traditional EDR and DLP often miss the attack. Push Security recommends browser-based copy-and-paste detection to block attacks before the endpoint is reached.

SIMCARTEL Takedown: Major SIM-Box Supply Network Bust

🔒 Law enforcement dismantled a criminal SIM-card supply network known as 'SIMCARTEL' following coordinated actions across multiple European countries. The now-defunct service operated a commercial SIM-box platform that let customers rent phone numbers from over 80 countries to create and manage an estimated 49 million fake online accounts used in phishing, fraud and other serious offences. Authorities seized five servers, around 1,200 SIM-box devices (operating ~40,000 SIMs), hundreds of thousands of SIM cards, froze more than $500,000 in bank funds and over $330,000 in crypto, and took down two domain services linked to the operation.

131 Chrome Extensions Hijack WhatsApp Web for Spam

🔍 Cybersecurity researchers uncovered a coordinated operation that used 131 rebranded Chrome extensions—about 20,905 active users—to inject automation code into WhatsApp Web and conduct large-scale spam campaigns targeting Brazilian users. Socket found the add-ons share a common codebase, design patterns, and infrastructure and are primarily published under WL Extensão variants. The extensions pose a high spam risk by automating bulk outreach and scheduling to evade WhatsApp rate limits and violate Chrome Web Store policies.

Audit Microsoft 365 for Hidden Malicious OAuth Applications

🔍 Matt Kiely of Huntress Labs urges Microsoft 365 administrators to audit OAuth applications across their tenants and provides a pragmatic starting tool, Cazadora. The research shows both abused legitimate apps (Traitorware) and bespoke malicious apps (Stealthware) can persist for years and that Azure’s default user-consent model enables these abuses. Operators should check Enterprise Applications and Application Registrations for suspicious names, anomalous reply URLs (notably a localhost loopback with port 7823), and other anomalous attributes, then take remediation steps.

Experian Fined €2.7m by Dutch Regulator for GDPR Breach

🔒 Experian Netherlands has been fined €2.7m by the Dutch Data Protection Authority for breaching GDPR requirements after collecting and processing personal data from public and private sources without proper notice or consent. The regulator found Experian compiled extensive databases using information from the Chamber of Commerce and data sold by telecom and energy firms, and that its credit scores influenced contract terms, deposits and denials. Experian acknowledged the violations, will not appeal, has ceased Dutch operations and plans to delete the database by year-end.

Microsoft October Windows Updates Break Smart Card Auth

🔒 Microsoft warns the October 2025 Windows security updates are causing smart card authentication and certificate failures by switching RSA-based smart card certificates to use KSP instead of CSP. Affected systems may report errors such as "invalid provider type specified" or "CryptAcquireCertificatePrivateKey error" and Event ID 624 in the Smart Card Service log. Microsoft provides a manual workaround: set the DisableCapiOverrideForRSA registry value to 0, back up the registry first, then restart. This impacts Windows 10, Windows 11 and Windows Server releases; the company says the key will be removed in April 2026 and urges customers to work with application vendors to resolve compatibility.

Agentic AI and the OODA Loop: The Integrity Problem

🛡️ Bruce Schneier and Barath Raghavan argue that agentic AIs run repeated OODA loops—Observe, Orient, Decide, Act—over web-scale, adversarial inputs, and that current architectures lack the integrity controls to handle untrusted observations. They show how prompt injection, dataset poisoning, stateful cache contamination, and tool-call vectors (e.g., MCP) let attackers embed malicious control into ordinary inputs. The essay warns that fixing hallucinations is insufficient: we need architectural integrity—semantic verification, privilege separation, and new trust boundaries—rather than surface patches.

2025 APJ eCrime Landscape: Emerging Threat Trends and Risks

🔒 The CrowdStrike 2025 APJ eCrime Landscape Report outlines a rapidly evolving criminal ecosystem across Asia Pacific and Japan, driven by regional marketplaces and increasingly automated ransomware. The report highlights active Chinese-language underground markets (Chang’an, FreeCity, Huione Guarantee) and the rise of AI-developed ransomware, with 763 APJ victims named on ransomware and dedicated leak sites between January 2024 and April 2025. It profiles local eCrime groups (the SPIDER cluster) and service providers such as Magical Cat and CDNCLOUD, and concludes with prioritized defenses for identity, cloud, and social-engineering resilience.

Amazon ECS Adds CloudTrail Data Events for Agent API

🔍 Amazon ECS now emits AWS CloudTrail data events for ECS Agent API activities, giving teams detailed visibility into container instance operations. Customers can opt in to the new data event resource type AWS::ECS::ContainerInstance to capture actions such as ecs:Poll, ecs:StartTelemetrySession, and ecs:PutSystemLogEvents. The capability is available for ECS on EC2 across all AWS Regions and for ECS Managed Instances in select regions. Standard CloudTrail data event charges apply.

Inside the attack chain: Azure Blob Storage threats

🔐 Microsoft Threat Intelligence analyzes how attackers target Azure Blob Storage across the full attack chain, emphasizing risks from exposed containers, compromised keys and SAS tokens, and abuse of automation such as Event Grid and Azure Functions. The blog maps these behaviors to the MITRE ATT&CK framework and illustrates tactics including data poisoning, covert C2 via metadata, and replication-based distribution. Microsoft recommends applying zero trust principles, enforcing least privilege with Microsoft Entra RBAC/ABAC, and enabling Defender for Storage with malware scanning, CSPM, and sensitive data discovery to detect, contain, and remediate storage-focused threats.

AI-Driven Social Engineering Tops ISACA Threats for 2026

⚠️A new ISACA report identifies AI-driven social engineering as the top cyber threat for 2026, cited by 63% of nearly 3,000 IT and security professionals. The 2026 Tech Trends and Priorities report, published 20 October 2025, shows AI concerns outpacing ransomware (54%) and supply chain attacks (35%), while only 13% of organizations feel very prepared to manage generative AI risks. ISACA urges organizations to adopt AI governance, strengthen compliance amid divergent US and EU approaches, and invest in talent, resilience and legacy modernization.

Microsoft October update disables USB input in WinRE

⚠ After installing the October 14, 2025 security update KB5066835, USB-wired mice and keyboards do not function in the Windows Recovery Environment (WinRE), Microsoft confirmed. The devices continue to operate normally inside the Windows OS, but WinRE navigation is blocked, affecting Windows 11 (24H2, 25H2) and Windows Server 2025. Microsoft is working on a fix expected in the coming days; meanwhile users can rely on Bluetooth peripherals or legacy PS/2 input devices as a workaround.

Closing the Cybersecurity Skills Gap: New Pathways

🔐 Cyber Awareness Month highlights the persistent cybersecurity skills shortage and the opportunities it creates for new entrants and experienced professionals. The 2025 Cybersecurity Skills Gap Report documents a global shortfall of more than 4.7 million roles and identifies high demand for data, cloud, network and AI security expertise. Employers increasingly favor certifications (65%) over degrees, opening practical pathways for career changers, veterans, and adjacent IT or business professionals. Investing in upskilling, governance, and awareness programs can reduce breach risk and improve retention.

Cybersecurity Awareness Month 2025: Ransomware Resilience

🔒 ESET's Cybersecurity Awareness Month 2025 video, presented by Chief Security Evangelist Tony Anscombe, explains why ransomware continues to threaten organizations large and small. Citing Verizon's 2025 DBIR and a Coalition Inc. study, it notes that 44% of breaches involved ransomware and 40% of insured victims paid ransoms. The video outlines common intrusion vectors and practical steps — backups, patching, access controls and training — organizations should take to improve resilience.

ChatGPT privacy and security: data control guide 2025

🔒 This article examines what ChatGPT collects, how OpenAI processes and stores user data, and the controls available to limit use for model training. It outlines region-specific policies (EEA/UK/Switzerland vs rest of world), the types of data gathered — from account and device details to prompts and uploads — and explains memory, Temporary Chats, connectors and app integrations. Practical steps cover disabling training, deleting memories and chats, managing connectors and Work with Apps, and securing accounts with strong passwords and multi-factor authentication.

Migration to Azure SQL Drives Operational and AI Gains

🚀 This Microsoft case study showcases how three organizations—Thomson Reuters, Hexure, and CallRevu—jumpstarted modernization by migrating on-premises SQL workloads to Azure SQL Managed Instance and complementary Azure services. The migrations reduced operational overhead, improved resiliency, and enabled faster deployments. Customers reported dramatic performance improvements, shorter migration windows, and a scalable foundation for AI-driven features and insights.

Agent Factory Recap: Evaluating Agents, Tooling, and MAS

📡 This recap of the Agent Factory podcast episode, hosted by Annie Wang with guest Ivan Nardini, explains how to evaluate autonomous agents using a practical, full-stack approach. It outlines what to measure — final outcomes, chain-of-thought, tool use, and memory — and contrasts measurement techniques: ground truth, LLM-as-a-judge, and human review. The post demonstrates a 5-step debugging loop using the Agent Development Kit (ADK) and describes how to scale evaluation to production with Vertex AI.

Oklahoma Transforms Data Access, Strengthens Employer Trust

🔍 The Oklahoma Employment Security Commission modernized its 40‑year mainframe data architecture with a cloud-first data platform built on BigQuery and analytics delivered via Looker. Partnering with Google Public Sector and Phase2, OESC reorganized opaque, mainframe-mimicking schemas into a performant, intuitive model and enabled point-in-time snapshots previously impossible. Critical reporting moved from months to hours, stakeholders gained self-service access, and the agency unlocked employer insights that supported tax analysis, improved auditability, and accelerated fraud detection.

DNS0.EU DNS Service Shuts Down Over Sustainability Concerns

🔒 The DNS0.EU non‑profit public DNS resolver announced an immediate shutdown, citing unsustainable time and resource constraints for its volunteer team. Launched in 2023 and operated from France with 62 servers across 27 cities in all EU member states, the service supported no‑logs policies and modern encrypted transports including DNS‑over‑HTTPS, DNS‑over‑TLS, and DNS‑over‑QUIC. The operators thanked partners and urged users to migrate to DNS4EU or NextDNS, both of which offer privacy protections and defenses against malicious domains.