All news with #google tag

🔒 Google is folding CodeMender into its broader Agent Platform strategy, expanding the AI-powered security agent from standalone vulnerability remediation toward an integrated, governed enterprise agent ecosystem. Launched in October 2025 to autonomously identify and patch vulnerabilities using Gemini models, CodeMender reportedly upstreamed dozens of fixes but lacks published performance metrics on accuracy and regressions. The integration emphasizes governance, observability, and identity, positioning CodeMender as a controlled participant in AI-native development and security pipelines rather than an unsupervised remediation tool.

🛡️ Google inadvertently published details of an unfixed Chromium vulnerability that allows JavaScript to continue running after the browser is closed, enabling remote code execution via persistent Service Workers. Reported by researcher Lyra Rebane in December 2022, the issue affects all Chromium-based browsers and was marked fixed in February 2024 but a patch was not shipped. The bug tracker entry was briefly made public on May 20, revealing the exploit still works in Chrome Dev 150 and Edge 148, making attacks stealthier and increasing risk until an emergency fix is released.

🚀 At Google I/O ‘26, Google Cloud announced expanded agentic capabilities, new frontier models, and developer tools to help startups move from prototype to production. Highlights include Gemini 3.5 Flash and Gemini Omni for multimodal content, Antigravity 2.0 as an agent control plane with CLI/SDK and dynamic subagents, and Managed Agents to run agent workloads securely in Google Cloud. The releases aim to accelerate development, reduce infrastructure overhead, and provide enterprise-grade security.

🛠️ At Google I/O 2026, Google announced expanded integration between AI Studio and Google Cloud, allowing new users to deploy up to two full-stack apps on the Starter Tier without a billing account. Developers can now choose between Firestore (non-relational) and Cloud SQL (relational) with Firebase Auth for unified authentication. The AI agent can infer or provision the appropriate database, provision resources, generate schema and code, and deploy apps directly to Cloud Run for rapid prototyping.

🔔 AppLifecycle Manager Feature Flags (ALM FF) enters public preview as a rule-based service to decouple feature releases from code deployments. By using toggles and the Common Expression Language (CEL), teams can perform gradual rollouts, instant kill-switches, and percentage-based traffic ramps. String-type flags enable dynamic configuration for applications, including LLM prompts, while OpenFeature compatibility avoids vendor lock-in.

🔐 This post explains why API keys are sensitive credentials for accessing Google AI and Cloud services and why careless handling leads to misuse or billing abuse. It outlines simple, actionable steps: create keys in dedicated projects, apply API and application restrictions, and store keys in Secret Manager or equivalent. The article also covers detection and response—how to list keys, monitor usage metrics, delete compromised keys, and rotate keys to reduce risk.

🚀Urban Outfitters, Inc. (URBN) recently migrated its IBM Sterling OMS from an 11TB Oracle backend to Google Cloud’s AlloyDB for PostgreSQL to reduce TCO and improve scalability and performance. The migration was executed through close collaboration among URBN, IBM, and Google Cloud, with embedded engineering teams driving planning, testing, and tuning. Outcomes included optimized storage and compute, two read replicas for higher availability, significant performance improvements, and a shift toward open standards to future-proof operations.

🚀 Google AI Edge Portal now enables developers to benchmark and debug on-device LLMs across a physical lab of over 120 representative Android devices. It profiles initialization time, prefill and decode speeds, and peak memory usage across CPU, GPU, and NPU backends to surface real user-impacting metrics. The integrated Model Explorer visualizes model graphs, tensor shapes, and traces to speed root-cause analysis and collaboration.

🚀 Google Cloud announced general availability of GKE Agent Sandbox and introduced the open-source Agent Substrate. Agent Sandbox is a cloud-native execution environment designed for AI agents, offering pod snapshots to suspend idle workloads, an integrated warm pool for sub-second provisioning, gVisor and pluggable kernel isolation, and standby suspended VMs to reduce warm-pool cost. Agent Substrate aims to provide a minimal control plane and scheduler optimizations to support ultra-dense, low-latency agent workloads at scale.

🔧 Google today introduced Agent Executor, an open-source runtime standard for durable, resumable, and distributed agent execution. It offers event logging and snapshotting to enable durable execution, secure sandbox isolation to limit harm, and a single-writer architecture to maintain session consistency. Agent Executor also supports connection recovery so clients can reconnect to long-running workflows. The project is available in preview and pairs with Agent Substrate to improve Kubernetes-scale agent scheduling.

🔧 At Google I/O, Google Cloud introduced a unified developer toolkit that brings Antigravity 2.0, the Gemini Enterprise Agent Platform, the Managed Agents API, and ADK 2.0 into a shared protocol layer to accelerate local development and secure cloud deployment. The post outlines a four-rung ladder from low-code Agent Studio to code-first ADK, all underpinned by the interoperable A2A protocol. New Antigravity desktop and CLI tools provide a consistent harness for coding agents, while Managed Agents offer agent-as-a-service with sandboxed execution. The platform emphasizes governance, skill reuse, evaluation tooling, and secure pipelines for production.

🤖 Today at Google I/O, Google Cloud announced a broad set of AI advances delivered through Gemini Enterprise and Google Workspace, including Gemini 3.5 Flash, Gemini Omni, Antigravity, and Gemini Spark. These offerings include new models, an Agent Platform with a Managed Agents API, and CodeMender for automated code security. The updates emphasize agentic workflows, multimodal content creation, enterprise-grade security, and faster, cost-efficient model performance.

🔧 Data Agent Kit is an open-source toolkit from Google Cloud that brings data engineering and data science skills, plugins, and secure connectors directly into your IDE or CLI. It provides prebuilt agentic skills, Model Context Protocol (MCP) integrations to BigQuery, AlloyDB, and Cloud Storage, plus native extensions for VS Code, Gemini CLI, Claude Code, and Codex. By grounding agents in unified enterprise data, it reduces manual ETL and context-window costs and accelerates intent-driven pipelines; the kit is available in preview.

🔬 At Google, A/B experimentation extends beyond UI tweaks to critical infrastructure components like kernels, memory allocators, and schedulers. They run machine-level experiments on representative 1% subsets of the fleet to avoid selection bias and capture system-wide effects across colocated workloads. The framework enforces binary hermeticity and a strict two-step rollout so experiments can be activated and rolled back safely. Performance is assessed using application-defined productivity metrics, machine counters, and reliability signals.

🤖 The Gemini Live Agent Challenge drew 11,878 participants and 1,536 submissions from 151 countries, inviting developers to build next-generation multimodal AI agents with the Gemini Live API, the Agent Development Kit (ADK), and Google Cloud infrastructure. Entries competed across three categories — Live Agent, Creative Storyteller, and UI Navigator — producing winners like ORION, drone-copilot, and Sankofa. Two category winners presented their projects at Google Cloud Next 2026 and shared insights on stage and in interviews. The post lists all winners and highlights routes for developers to continue building, including GEAR and weekly livestreams.

🔐 Google Threat Intelligence Group (GTIG) details UNC6671, operating as "BlackFile," which uses large-scale voice phishing (vishing) and adversary-in-the-middle techniques to bypass MFA and compromise SSO access. The group targets Microsoft 365 and Okta, leveraging Python and PowerShell scripts to automate exfiltration and repurpose valid session cookies to "stream" files. GTIG highlights detection indicators such as python-requests User-Agent mismatches, nonstandard IP infrastructure, and subdomain-based credential-harvesting sites to aid defenders.

🔒 In this May 2026 Cloud CISO Perspectives entry, Vinod D’Souza and Anthony Belfiore outline how Google and Wiz are combining deep cloud telemetry with advanced AI research to address multicloud security challenges. They emphasize a developer-centric shift that moves remediation into code using tools like Wiz Code and sensors for hybrid Linux, vSphere, and Windows environments. The authors envision agentic SOCs and near real-time defenses that boost analyst efficiency while preserving human-in-the-loop oversight. The collaboration aims to accelerate self-healing infrastructure without compromising availability.

🔐 Google has added Android Intrusion Logging, released on May 12 as part of Android Advanced Protection Mode, to help investigate spyware on Android devices. The opt-in feature logs device and network activity and was developed with Amnesty International’s Security Lab and Reporters Without Borders. Logs are encrypted with a user-generated key and can only be shared by the device owner for forensic analysis.

🚦Google outlines a blueprint for safer, more resilient transportation systems powered by AI. Leaders from Utah DOT, CalSTA, and Deloitte describe tools like Roadway Safety Insights (RSI) that integrate dozens of datasets to predict and mitigate risks, shifting agencies from reactive fixes to proactive safety. The article stresses resolving fragmented data and creating trusted single sources of truth to maximize AI value. Readers are invited to a Best of Next Public Sector Webinar and live demos at ITS America in June.

🔐 Intrusion Logging is an opt-in feature in Android's Advanced Protection Mode that records daily device and network activity to support forensic investigations. Developed with Amnesty International and Reporters Without Borders, it captures app launches, installs, network connections, USB file transfers, certificate changes, and lock/unlock events. Logs are end-to-end encrypted on the device, stored on Google servers for 12 months, and cannot be deleted early; users may download decrypted logs for external review but remain responsible for their security.