All news with #google tag

AI Forecasting and Conversational Analytics in BigQuery

🔎 Google added two BigQuery tools—ask_data_insights and BigQuery Forecast—to the MCP Toolbox and the Agent Development Kit (ADK) to enable conversational analytics and time-series predictions for agents. ask_data_insights uses the Conversational Analytics API to interpret plain-English questions, generate and run queries, and return summarised answers with a step‑by‑step log for transparency. BigQuery Forecast leverages BigQuery ML’s TimesFM model via AI.FORECAST so agents can run forecasting jobs directly inside BigQuery without separate ML infrastructure.

Researchers Disclose Trio of Gemini AI Vulnerabilities

🔒 Cybersecurity researchers disclosed three now-patched vulnerabilities in Google's Gemini suite that could have exposed user data and enabled search- and prompt-injection attacks. The flaws, labeled the Gemini Trifecta, impacted Gemini Cloud Assist, the Search Personalization model, and the Browsing Tool. Following responsible disclosure, Google stopped rendering hyperlinks in log summaries and implemented additional hardening. Tenable warned these issues could have allowed covert exfiltration of saved user information and location data.

Gemini Trifecta Exposes Indirect AI Attack Surfaces

⚠️Tenable has revealed three vulnerabilities in Google's Gemini platform, collectively dubbed the "Gemini Trifecta," that enable indirect prompt injection and data exfiltration through integrations. The issues allow attackers to poison GCP logs consumed by Gemini Cloud Assist, inject malicious entries into Chrome search history to manipulate the Search Personalization Model, and coerce the Browsing Tool into fetching attacker-controlled URLs that leak sensitive query data. Google has patched the flaws, and Tenable urges security teams to treat AI integrations as active threat surfaces and implement input sanitization, output validation, monitoring, and regular penetration testing.

Advanced Threat Hunting with LLMs and the VirusTotal API

🛡️ This post summarizes a hands-on workshop from LABScon that demonstrated automating large-scale threat hunting by combining the VirusTotal API with LLMs inside interactive Google Colab notebooks. The team recommends vt-py for robust programmatic access and provides a pre-built "meta Colab" that supplies Gemini with documentation and working code snippets so it can generate executable Python queries. Practical demos include LNK and CRX analyses, flattened dataframes, Sankey and choropleth visualizations, and stepwise relationship retrieval to accelerate investigations.

Anthropic's Claude Sonnet 4.5 Now Available on Vertex AI

🚀 Anthropic’s Claude Sonnet 4.5 is now generally available on Vertex AI, delivering advanced long-horizon autonomy for agents across coding, finance, research, and cybersecurity. The model can operate independently for hours, orchestrating tools and coordinating multiple agents to complete complex, multi-step tasks. Vertex AI provides orchestration, provisioning, security controls, and developer tooling, and includes Claude Code upgrades like a VS Code extension and an improved terminal interface.

Adopt New VM Series with GKE Compute Classes, Flex CUDs

⚙️ Google Cloud outlines a practical approach to adopt Gen4 VM families by pairing GKE compute classes with Compute Flexible CUDs, enabling prioritized machine-family fallbacks and spend-based discounts. Compute classes let teams define prioritized machine families (for example, N4 then N2) so the cluster autoscaler can provision preferred hardware while preserving availability. Flex CUDs apply discounts across eligible VM families and follow consumption, protecting committed discounts when fallbacks occur. Together these features reduce migration risk and simplify platform operations.

Google Cloud Customers: Monthly Innovations Roundup

🚀 This roundup highlights how leading organizations are using Google Cloud to optimize networks, accelerate AI, and scale mission-critical services. From Uber reducing edge latency with Hybrid NEGs to Target rebuilding search with AlloyDB AI hybrid search, customers report measurable gains in performance, cost, and reliability. Healthcare, finance, media, and telecommunications teams also describe operational wins — faster inference, seamless migrations, and stronger real-time experiences.

Boards Should Be Bilingual: AI and Cybersecurity Strategy

🔐 Boards and security leaders should become bilingual in AI and cybersecurity to manage growing risks and unlock strategic value. As AI adoption increases, models and agents expand the attack surface, requiring hardened data infrastructure, tighter access controls, and clearer governance. Boards that learn to speak both languages can better oversee investments, M&A decisions, and cross-functional resilience while using AI to strengthen defense and competitive advantage.

Google Distributed Cloud at the Edge Powers USAF Operations

🚀 The U.S. Air Force, working with Google Public Sector and GDIT, deployed the Google Distributed Cloud air-gapped appliance to run classified workloads at the tactical edge in DDIL environments. The rugged, transportable system demonstrated secure, Zero Trust-capable processing up to Secret, delivering on-device AI for transcription, OCR, translation, and summarization during Mobility Guardian 2025 in Guam. It also supported containerized IL2 collaboration, Luna AI integration for low-latency air-defense data, a Jupyter-based edge dev environment, and AI-enabled tele-maintenance to convert manuals and visual data into actionable maintenance insights.

Agent Payment Protocol: Enabling Trusted Agent Commerce

🔐 Agent Payment Protocol (AP2) is an open trust layer that enables AI shopping agents to complete purchases without ever handling raw payment credentials. AP2 enforces a role-based separation—shopping agent, merchant endpoint, credential provider, and payment processor—and relies on verifiable credentials to produce cryptographic proof of intent and approval. It defines three mandate types (Cart, Intent, Payment) to support both human-present and human-not-present flows. Developers can adopt AP2 as an extension to A2A and MCP to reduce PCI scope and improve accountability.

TELUS Boosts Productivity with ChromeOS and Cameyo Deployment

🚀 TELUS modernized its global digital workplace by deploying ChromeOS, Google Workspace, Cameyo, and Chrome Enterprise Premium to create a browser-first, zero-trust app streaming platform. The TELUS Desktop Stream replaced costly VDI, avoided a $15 million infrastructure refresh, and cut login times by threefold. More than 100 applications now run through Cameyo, improving call-center throughput and agent productivity. IT teams report simplified management, stronger contextual security, and reduced reliance on VPNs.

Chinese Group Uses BRICKSTORM Backdoor Against US Firms

⚠️ Google Threat Intelligence Group says a Chinese-aligned cluster has used the BRICKSTORM backdoor in intrusion campaigns since at least March 2025 against US legal and technology firms, SaaS providers and outsourcing companies. Attackers focused on harvesting emails and files from key individuals and establishing long-term footholds. The group, tracked as UNC5221, exploited zero-days, deployed BRICKSTORM on VMware appliances, and used credential theft and persistence mechanisms to evade detection. Google and partners have published detection guidance and a Mandiant scanner script to help identify infections.

Google Cloud Announces Flex-start VMs for GPU Access

🚀 Google Cloud has launched Flex-start VMs, a Compute Engine consumption option powered by Dynamic Workload Scheduler that lets single VM instances wait in a managed queue for scarce GPUs. By setting request-valid-for-duration (90 seconds–2 hours) users keep capacity requests in PENDING and avoid custom retry logic. Flex-start VMs offer significant discounts versus on‑demand SKUs, consume preemptible quota, run uninterrupted for up to seven days, and integrate directly via the instances.insert API, gcloud CLI, or the Cloud Console. Instances support stop/start to pause billing and an instanceTerminationAction = STOP to preserve configuration when the seven‑day runtime expires.

Chinese Backdoor Grants Year-Long Access to US Firms

🔐 Chinese state-linked actors deployed a custom Linux/BSD backdoor called BRICKSTORM on network edge appliances to maintain persistent access into U.S. legal, technology, SaaS and outsourcing firms. These implants averaged 393 days of undetected dwell time and were used to pivot to VMware vCenter/ESXi hosts, Windows systems, and Microsoft 365 mailboxes. Mandiant and Google TAG attribute the activity to UNC5221 and have released a scanner and hunting guidance to locate affected appliances.

GenSec CTF at DEF CON: Accelerating AI in Security

🔒 At DEF CON 33, Google and Airbus hosted the GenSec Capture the Flag (CTF) to promote human–AI collaboration and accelerate adoption of AI in cybersecurity workflows. Nearly 500 participants completed introductory challenges, 23% used AI for security for the first time, and 85% found the event useful for learning practical AI applications. The CTF also featured Sec-Gemini as an optional assistant in the UI; 77% of respondents rated it very or extremely helpful, and organizers are incorporating feedback into future iterations.

Gemini CLI Extensions Enable Google Data Cloud Access

🔧 Google released open-source Gemini CLI extensions that integrate Gemini with Google Data Cloud services, enabling terminal-based access to BigQuery, Cloud SQL, and AlloyDB. Developers install the CLI (recommended v0.6.0), add extensions, and configure IAM and environment variables to connect to projects. Extensions support provisioning databases and users, natural-language querying, AI forecasting, and conversational analytics, though some require enabling additional APIs.

Google: Brickstorm malware stole data from U.S. orgs

🔒 Google researchers warn that the Go-based Brickstorm backdoor was used in prolonged espionage against U.S. technology, legal, SaaS, and BPO organizations, averaging a 393-day dwell time. Suspected activity from the UNC5221 cluster involved deploying the malware on appliances lacking EDR protection such as VMware vCenter/ESXi, where it acted as a web server, SOCKS proxy, file dropper, and remote shell. Operators used techniques like a malicious Java Servlet Filter (Bricksteal), VM cloning, and startup-script modifications to capture credentials and move laterally, then tunneled to exfiltrate emails via Microsoft Entra ID Enterprise Apps. Mandiant published a scanner and YARA rules to aid detection but cautions it may not catch all variants or persistence.

INDOT Used Google AI to Save 360 Hours and Meet Deadline

🚀 Indiana Department of Transportation built a week-long pilot on Google Cloud to meet a 30-day executive order, using a Retrieval-Augmented Generation workflow that combined rapid ETL, Vertex AI Search indexing, and Gemini. The system scraped and parsed decades of internal policies and manuals, produced draft reports across nine divisions with 98% fidelity, and saved an estimated 360 hours of manual effort, enabling INDOT to submit on time.

JS Bank modernizes with Google stack and ChromeOS rollout

🚀 JS Bank migrated its distributed IT estate to a unified Google ecosystem—deploying 1,500 Chromebooks and Chromeboxes while adopting Google Workspace and Chrome Enterprise Premium. The change delivered nearly 90% endpoint standardization, cut device management time by 40%, and halved daily support tickets. Built-in ChromeOS protections simplified security and reduced reliance on multiple third-party antivirus and anti-malware tools.

Deutsche Bank launches DB Lumina for AI research platform

🤖 DB Lumina is Deutsche Bank Research’s AI-powered assistant, built on Google Cloud and integrating multimodal Gemini models, RAG retrieval, and vector search. It provides a conversational chat interface, reusable prompt templates, and document-grounded answers with inline citations and enterprise guardrails for compliance. Early deployment to roughly 5,000 analysts has yielded measurable time savings, deeper analysis, and improved editorial accuracy.