All news with #gemini tag

🔐 ESET researchers have identified an Android implant, dubbed PromptSpy, that leverages generative AI to maintain persistence on victims' devices and represents an evolution of earlier VNCSpy samples. The implant sends serialized UI snapshots to Google's Gemini, receives step-by-step Accessibility Service actions to keep the malicious app pinned in Recent Apps, and executes those actions while a VNC module provides remote viewing and control. The initial dropper impersonated JPMorgan Argentina and distributed via mgardownload[.]com; communications use AES-encrypted VNC to a hardcoded C2 at 54.67.2[.]84. PromptSpy also overlays invisible UI elements to block uninstallation; the only reliable removal is rebooting into Safe Mode.

🎿 Using Google Cloud AI and Gemini-era vision from DeepMind, the Google Cloud Team and U.S. Ski & Snowboard built a tool that extracts full 3D biomechanical pose data from ordinary video to measure rotation, posture, and airtime. The system defines a torso-based Body Frame and uses quaternions to compute true angular travel, producing a new metric called Rotational Degrees. Visual outputs like the Cork Ribbon reveal axis tilt and consistency for coaches and broadcasters, helping quantify efficiency and the physical feasibility of higher-degree tricks.

💬 This Google Cloud post by David Tamaki Szajngarten demonstrates how to build a context-aware conversational agent for BigQuery using the Conversational Analytics API powered by Gemini. It provides a reference Python SDK flow to register BigQuery tables, create a DataAgent with system instructions and permitted datasources, and deploy stateful or stateless conversations. The article shows a streaming chat loop that returns generated SQL, DataFrame-like results, Vega‑Lite chart specs, and final natural-language answers, and highlights integration with the Agent Development Kit (ADK) and lifecycle controls.

🚀 Google announced Gemini 3.1 Pro, an upgraded foundation model in the Gemini 3 series that emphasizes deeper reasoning and complex problem solving. The model is available in preview in Vertex AI and Gemini Enterprise, and developers can access it through Google AI Studio, the Gemini API, Android Studio, Google Antigravity, and the Gemini CLI. Early customers report meaningful gains in speed, efficiency, and accuracy across code, 3D transformations, and product design workflows.

🧠 ESET researchers have identified PromptSpy, the first known Android malware to integrate generative AI (Google's Gemini) into its execution flow. The malware sends serialized UI XML to Gemini and receives JSON-formatted tap, swipe, and long-press instructions to navigate device-specific interfaces. This enables robust persistence by programmatically locking the app in Recent Apps and deploying a VNC module for remote control and data exfiltration. Distribution appears limited and regionally focused, but the technique raises broader concerns about AI misuse.

🔗 Gemini CLI's Neo4j extension connects graph databases to Gemini's reasoning via the Model Context Protocol (MCP). The extension bundles four MCP servers to manage Neo4j Aura, translate natural language into Cypher, support interactive data modeling and visualization, and use Neo4j as long-term memory for agentic flows. Developers can provision databases, run Cypher queries, and persist knowledge from the terminal to accelerate GraphRAG workflows.

🛡️Wiz has built a 257-challenge benchmark suite to evaluate AI agents across five offensive security domains: zero-day discovery, CVE detection, API security, web security, and cloud security. Tests run inside isolated Docker containers with no per-challenge timeouts, use deterministic scoring rubrics, and give each agent three attempts per challenge. The vendor-agnostic framework measures capability rather than throttling, and in Wiz's announcement Claude Code on Claude Opus 4.6 narrowly topped the trials, with Gemini 3 Pro placing second.

⚠️ Google’s Threat Intelligence Group (GTIG) says the North Korea-linked actor UNC2970 and other state-aligned groups abused Gemini for target profiling, reconnaissance, and campaign planning. GTIG found use cases ranging from synthesizing OSINT and crafting tailored phishing personas to automating vulnerability analysis and debugging exploit code. Researchers identified malware such as HONESTCUE, which queries Gemini’s API to generate C# stage-two loaders compiled in memory, and an AI-built phishing kit called COINBAIT. Google also reported and mitigated large-scale model extraction activity aimed at replicating Gemini’s behavior.

🔍 Google’s Threat Intelligence Group and DeepMind found that government-backed APTs increasingly use Gemini and other generative AI for reconnaissance, target profiling and sophisticated social engineering. Observed actors include Iran’s APT42 and North Korea’s UNC2970 using models to harvest email addresses and synthesize OSINT, while TEMP.Hex and APT31 applied AI for vulnerability research and automated testing. The report also details a rise in model extraction attempts, an underground jailbreak ecosystem (notably the Xanthorox toolkit), abuse of public sharing to host malicious instructions, and cases such as Honestcue leveraging Gemini APIs to generate in-memory malicious code; Google has disabled associated assets and warns of intellectual-property theft risks.

🛡️ Google Threat Intelligence Group warns state-backed actors are abusing Gemini across the full attack lifecycle, from reconnaissance and phishing-lure generation to C2 development and data exfiltration. Groups linked to China, Iran, North Korea, and Russia used the model for target profiling, code generation, translation, vulnerability testing, and troubleshooting. Google says it has disabled abusive accounts and implemented targeted classifier defenses to make misuse harder.

🛡️ This week at the Munich Security Conference, Google Cloud released a whitepaper, "Staying Ahead of the Shadows: Digital Resilience in the Era of AI," that outlines current digital threats and recommends a unified, full‑stack defense to help democracies. It highlights supply‑chain targeting, employee‑focused manipulation, and sustained China‑nexus espionage. The paper prescribes a five‑layer resilience model — Infrastructure, Architecture, Models, Applications, and Security — supported by technologies such as Gemini, Workspace, CodeMender, SAIF, and post‑quantum cryptography.

🛡️ Google Cloud outlines an AI-driven approach to operational resilience for financial institutions, using Gemini Enterprise to generate context-aware incident scenarios based on a customer's real production data. The Technical Account Management team ingests logs, architecture, SLAs and support history to craft bespoke timelines that test cross-functional response and communication. The program supports DORA readiness and has driven immediate remediation actions and process changes.

🔧 This guide explains how to adapt foundation models on Google Cloud by fine-tuning both managed and self-managed workflows. It contrasts a fully managed Vertex AI Supervised Fine-Tuning path for models like Gemini with a customizable GKE approach using LoRA on open-source models such as Llama. The labs walk through data preparation, baseline evaluation, tuning, and automated evaluation metrics, as well as GKE infrastructure, GPU provisioning, security with Workload Identity, and containerized training for production readiness.

🧰 The Google Cloud samples team describes building a specialized end-to-end system that uses Gemini on Vertex AI and Genkit to produce production-ready educational code samples across many languages and products. Their architecture separates generation, validation, and delivery so LLM outputs are combined with deterministic automations, linters, unit tests, and human review. The post presents seven practical technical takeaways—decomposition, determinism, precise prompts, vetted evaluation, scaled downstream processes, end-to-end testing, and solid engineering practices—that drove reliable, scalable sample generation.

🚀 Google has opened the Gemini Enterprise Agent Ready (GEAR) learning program to all developers and professionals as a dedicated pathway within the Google Developer Program. GEAR provides 35 monthly Google Skills credits for hands-on labs and sandbox testing and features end-to-end learning paths such as Introduction to Agents and Develop Agents with the ADK. Members can earn profile badges and pursue instructor-led certification tracks to validate enterprise agent engineering skills and accelerate production-ready deployments.

🔓 This article explains how to begin using Gemini 3 by activating the Google Cloud Free Trial, which grants new users $300 in credits valid for 91 days plus ongoing Free Tier usage. It walks through eligibility checks, signing in with a Google Account, accepting terms, and completing identity verification with a payment method (you are not charged automatically). The post highlights useful Free Tier limits — including Cloud Run, Compute Engine, Cloud Storage, and BigQuery — and shows how to enable billing, import the Cloud Project into Google AI Studio, create a project-attached API key, and call Nano Banana Pro and other Gemini Pro models.

🤖 Google’s Agent Factory episode demonstrates how Gemini 3, the Gemini CLI, and Antigravity enable rapid creation of agentic workflows and lightweight “AI employees.” Smitha Kolan, Vlad Kolesnikov, and guest Brandon Hancock present live demos building a portfolio site, parallel market-research agents, and a video-generating agent. The session highlights multimodal prompting, SOP-driven automation, parallel execution, and one-click deployment to Cloud Run.

🧭 Antigravity and Gemini CLI offer two complementary approaches for running agent-driven workflows. Antigravity delivers an approachable, graphical experience with an Agent Manager, in-browser application views, guided walkthroughs, and a native debugger for inspecting stack traces. Gemini CLI is terminal-first, installs via npm (npm install -g @google/gemini-cli, requires Node.js), supports headless/CI-friendly execution, and can call local tools like gh or gcloud. Both are extensible with MCP and Agent Skills, and both provide generous free tiers so teams can evaluate which workflow best fits their needs.

🔧 This guide explains how to build custom employee onboarding agents using the Agent Development Kit (ADK), Vertex AI Agent Engine, and Application Integration to connect conversational AI with enterprise systems such as ITSM, ERP, and CRM. It describes a grounded agentic workflow where a Gemini Enterprise front-end captures intent, a low-code Application Integration layer performs deterministic transformations and authentication, and backend systems execute transactions. The result is a role-aware, auditable onboarding experience that automates tasks like laptop provisioning while keeping business rules and approvals intact.

✨ BigQuery now integrates Gemini and Vertex AI models directly into SQL, enabling in-place generative AI and embedding workflows. New functions—AI.GENERATE(), AI.GENERATE_TABLE(), AI.EMBED(), and AI.SIMILARITY()—support text and multimodal inputs and return structured outputs via an output_schema for immediate querying. End User Credentials simplify authentication, and Gemini 3.0 Pro/Flash support is available for advanced generative tasks.