All news with #google cloud tag

Google Adds Official MCP Support Across Key Cloud Services

🔌 Google announced fully-managed, remote support for Anthropic's Model Context Protocol (MCP), enabling agents and standard MCP clients to access a unified, enterprise-ready endpoint for Google and Google Cloud services. The managed MCP servers integrate with services like Google Maps, BigQuery, GCE, and GKE to let agents perform geospatial queries, in-place analytics, and infrastructure operations. Built-in discovery, governance, IAM controls, audit logging, and Google Cloud Model Armor provide security and observability. Developers can expose and govern APIs via Apigee and the Cloud API Registry to create discoverable tools for agentic workflows.

Tools and Strategies to Secure Model Context Protocol

🔒 Model Context Protocol (MCP) is increasingly used to connect AI agents with enterprise data sources, but real-world incidents at SaaS vendors have exposed practical weaknesses. The article describes what MCP security solutions should provide — discovery, runtime protection, strong authentication and comprehensive logging — and surveys offerings from hyperscalers, platform providers and startups. It stresses least-privilege and Zero Trust as core defenses.

Nutanix NC2 Now Generally Available on Google Cloud

🚀 Nutanix Cloud Clusters (NC2) is now generally available on Google Cloud, enabling organizations to run their Nutanix hybrid cloud directly on Google Compute Engine bare metal without refactoring workloads. NC2 supports the Z3 and C4 machine families with high-density NVMe local SSDs, integrates Nutanix Flow virtual networking, and maintains unified management via Prism Central. The solution connects to Google data and AI services like BigQuery and Vertex AI, supports license portability, and will be purchasable through Google Cloud Marketplace.

Google Application Design Center Now Generally Available

🛠️ Google's Application Design Center is now generally available, delivering a visual, canvas-style, AI-assisted environment to design and deploy Terraform-backed application templates. It pairs Gemini Cloud Assist with opinionated Terraform components to generate deployable infrastructure patterns and architecture diagrams. Integrated with App Hub and Cloud Hub, it makes applications discoverable, observable, and manageable, while supporting BYO-Terraform, GitOps, and enterprise governance to accelerate platform engineering and developer self-service.

Securing Web3 Agents: MCP Transaction Models & Practices

🔐 This post from Adrien Delaroche at Google Cloud outlines three architectures for AI agents that interact with blockchains: the agent-controlled custodial model, a self-hosted variant, and the non-custodial transaction-crafter model. It explains security, performance, and malice risks when agents hold private keys and recommends returning unsigned transactions so users sign locally. The author demonstrates a sample implementation using Google ADK, Gemini 2.0 Flash, Cloud Run, and an Ethereum faucet, and urges MCP servers to support both signing and unsigned flows to balance automation with user safety.

Back Market Migrates to Google Data Cloud, Cuts Costs

🔁 Back Market migrated its data and core tech stack from AWS-based Snowflake and Databricks to Google Cloud, consolidating all historical and operational data in BigQuery. The team executed a two-week proof of concept and a live double-run migration that kept production on Databricks while writing to cloned BigQuery tables until outputs matched. They replaced AWS DMS with Datastream, implemented hourly batching to control small-file costs, and completed critical switchover in six months. The move halved data processing times, cut CDC costs by 90%, reduced technical debt, and improved observability, governance, and developer productivity.

Critical React4Shell RSC Vulnerability CVE-2025-55182

🛡️ A critical remote code execution flaw, CVE-2025-55182 (React4Shell), was disclosed affecting React Server Components and multiple derivatives including Next.js, React Router RSC preview, and several bundler plugins. The bug arises from unsafe deserialization of Flight protocol payloads and permits unauthenticated HTTP requests to execute code on vulnerable servers. Immediate updating to the patched React and Next.js releases, plus deployment of WAF rules and access restrictions, is strongly recommended.

Replit and Google Cloud Expand Vibe Coding for Enterprise

🚀 Replit and Google Cloud have expanded a strategic, multi‑year partnership to bring vibe coding capabilities to enterprise developers and teams. Replit will continue to run on Google Cloud infrastructure—leveraging Cloud Run, Google Kubernetes Engine, BigQuery, and Vertex AI—and now supports Google models including Gemini 3, 2.5 Flash Lite, 2.5 Flash, and Imagen 4 to power coding and multimodal workflows. The agreement also includes joint go‑to‑market and co‑sell initiatives to accelerate adoption across enterprise customers.

Public Sector Agentic Era: 300 Agents in One Day Showcase

🤖 Google Public Sector ran a #100DaysOfAgents campaign and an interactive Mission District at its October 29, 2025 Public Sector Summit where attendees built 300+ AI agent prototypes using self-serve builder stations. The initiative demonstrates how AI agents can accelerate mission outcomes by automating complex tasks, breaking down data silos, and improving access to services. Prototype examples ranged from a Grid Optimization Analyst to a Water System Transition Planner and an NIH Access Assistant; agents in the library are illustrative, not production-ready. Google invites agencies to partner with experts, prototype with Gemini for Government, and continue development at Google Cloud Next.

Designing for GKE's Flat Network: Practical Recommendations

🔍 This post previews Google's new design recommendation for leveraging GKE's flat network, explaining how it differs from island-mode networking and how teams can adapt existing architectures. It highlights recommended patterns and a reference design that emulates island-mode behavior within the flat model. The guidance focuses on IP address management, scalability, and integration points to ease migration for critical workloads such as generative AI.

GKE Turns 10 Hackathon: Winners and Technical Highlights

🚀 The GKE Turns 10 Hackathon showcased developer teams building agentic AI on GKE integrated with Google models such as Gemini. More than 4,700 participants from 133 countries produced 133 projects demonstrating multi-agent pipelines, model orchestration, and microservice integration. Grand prize winner Amie Wei’s Cart-to-Kitchen assistant uses GKE Autopilot, the Agent Development Kit (ADK), and Agent-to-Agent protocols to analyze grocery carts and recommend recipes. Google also announced GEAR, an educational sprint launching in early 2026 to help developers learn, build, and deploy AI agents.

Google Cloud Next 2026: Registration Open in Las Vegas

🎟️ Registration is now live for Google Cloud Next, returning to Las Vegas April 22–24, 2026. Secure early bird pricing at $999 for a limited time and join a global community of builders, engineers, and business leaders for keynotes, deep-dive sessions, hands-on labs, demos, hackathons, and workshops. Expect practical AI-focused content and collaborative networking designed to deliver actionable insights and skills.

No-Cost Google Cloud AI Training to Upskill This Holiday

🎁 This holiday season Google Skills provides no-cost AI courses and hands-on labs taught by Google Cloud experts, intended for both technical and non-technical learners. Technical offerings include sandboxed labs covering Gemini Code Assist, Vibe coding, Model Context Protocol (MCP) integration, ADK agents, fine-tuning, and AI infrastructure, with 35 free monthly credits to practice in real environments. Non-technical content emphasizes leadership, Gemini Enterprise, NotebookLM, short practical lessons, and skill badges or certification prep to validate progress.

Startup Frenetik Launches Patented Deception Technology

🔐 Frenetik, a Maryland cybersecurity startup, emerged from stealth with a patented approach called Deception In-Use that continuously rotates real identities and resources across Microsoft Entra (M365), AWS, Google Cloud and on-prem environments. By routing critical change details through out-of-band channels accessible only to trusted parties, defenders retain accurate visibility while attackers operate on stale intelligence and are more likely to be funneled into decoys and honeypots.

NETSCOUT Omnis Wins Overall Network Security Award

🔍 NETSCOUT’s Omnis Cyber Intelligence was named “Overall Network Security Solution of the Year” in the ninth annual CyberSecurity Breakthrough Awards. The platform delivers always-on, packet-based visibility using scalable deep packet inspection to continuously capture, analyze, and retain high-fidelity network metadata. Its on-sensor storage minimizes data movement and helps address compliance and sovereignty requirements while providing the historical context analysts need to investigate threats across cloud and on-premises environments.

AWS launches preview of Interconnect - multicloud service

🔗 AWS has opened a preview of AWS Interconnect - multicloud, a new service to create private, resilient, high-speed links between Amazon VPCs and other cloud providers. The preview launches with Google Cloud as the initial partner and a planned expansion to Microsoft Azure in 2026. It integrates with AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC, and is available in five AWS Regions via the AWS Management Console. CSPs can adopt the capability through a published open API package on GitHub.

Public GitLab Repositories Exposed 17,000+ Secrets

🔒 After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Using the open-source tool TruffleHog and an AWS-driven pipeline (SQS queue and Lambda workers), the researcher completed the scan in just over 24 hours at a cost of $770. Notifications were automated with Claude Sonnet 3.7 and scripts; affected parties revoked many credentials and the researcher collected $9,000 in bug bounties, though some secrets remain exposed.

Choosing the Best Cloud Security Posture Management Tools

🔒 Cloud security posture management (CSPM) combines threat intelligence, continuous detection, and automated remediation to find and fix cloud misconfigurations that can expose data. Customers—not cloud providers—are responsible for configuring and protecting workloads, so organizations must select CSPM that delivers multicloud visibility, integrated data security, and policy-driven automated remediation. Modern offerings increasingly fold CSPM into broader CNAPP and SSE suites from vendors such as Wiz, Palo Alto Networks, Tenable, and CrowdStrike, making coverage, integration, and operational model critical factors in vendor selection.

Shai-Hulud v2 Supply-Chain Campaign Hits Maven Central

⚠️ The second wave of the Shai-Hulud supply-chain attack has moved from npm into the Maven ecosystem after researchers found org.mvnpm:posthog-node:4.18.1 embedding the same setup_bun.js loader and bun_environment.js payload. The artifact was rebundled via an automated mvnpm process and was not published by PostHog; mirrored copies were purged from Maven Central on Nov 25, 2025. The campaign steals API keys, cloud credentials and npm/GitHub tokens by backdooring developer environments and injecting malicious GitHub workflows, affecting thousands of repositories.

Using Private NAT for Overlapping Private IP Spaces

🔒 Google Cloud's Private NAT enables secure private-to-private translation to connect networks with overlapping or non-routable IPv4 ranges without running NAT appliances. As a managed Cloud NAT feature, it delivers high availability, automatic scalability, and centralized control for hybrid and multi‑VPC topologies. The post includes practical gcloud examples and Network Connectivity Center use cases to guide implementation.