< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 14 of 30

Google Issues Patch for In-the-Wild Chrome Zero-Day

🔒 Google has released an urgent security update for Chrome to address CVE-2026-2441, a high-severity zero-day affecting desktop builds on Windows, macOS and Linux. The flaw, rooted in a CSS processing issue, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Google confirmed an exploit is already in the wild and credited researcher Shaheen Fazim for reporting the bug on February 11; the company issued the patch on February 13.
read more →

Google patches first Chrome zero-day exploited in attacks

🔧 Google released emergency updates to fix a high-severity Chrome zero-day (CVE-2026-2441) that is being exploited in the wild. The flaw is a use-after-free caused by an iterator invalidation bug in CSSFontFeatureValuesMap, and Google pushed a backported patch across stable branches. Fixes are rolling out to Windows and macOS (145.0.7632.75/76) and Linux (144.0.7559.75); users should update or let Chrome apply updates automatically. Google noted additional related work remains tracked in bug 483936078.
read more →

Google patches Chrome zero-day CVE-2026-2441; active exploit

⚠️ Google released updates for Chrome to patch CVE-2026-2441, a high-severity (CVSS 8.8) use-after-free vulnerability in CSS that has been confirmed as exploited in the wild. Discovered by researcher Shaheen Fazim on Feb 11, 2026, the bug can enable remote code execution inside Chrome's sandbox via a crafted HTML page. Users should update to 145.0.7632.75/76 (Windows/macOS) or 144.0.7559.75 (Linux) and ensure Chromium-based browsers receive equivalent fixes.
read more →

Google Detects Large-Scale Attempt to Clone Gemini

🔒 Google detected and blocked a coordinated campaign of more than 100,000 prompts it says were designed to extract the proprietary reasoning capabilities of its Gemini model. The requests resembled model-extraction or distillation efforts intended to reproduce internal reasoning traces across multiple languages, and Google says it intervened in real time to reduce the immediate risk. The company cautioned that systematic extraction can amount to intellectual property theft and said it will pursue takedowns and legal remedies while trying to balance legitimate research and evaluation needs.
read more →

GTIG AI Threat Tracker: Distillation and Integration

🛡️ Google Threat Intelligence Group (GTIG) reports rising adversarial use of AI in Q4 2025, including widespread model extraction, AI-augmented reconnaissance, social engineering, and trials of agentic tooling. GTIG and Google DeepMind detected and mitigated numerous extraction attempts, protected internal reasoning traces, and disabled abusive assets in real time. The update describes AI-enabled proofs-of-concept (for example HONESTCUE and COINBAIT), abuses of shareable chat outputs, underground proxy toolkits, and published IOCs to support defenders.
read more →

Google updates parental controls and youth protections

🔒 On Safer Internet Day, Google and YouTube announced updates to parental controls, wellbeing defaults and educational resources to help kids and teens navigate the online world. Family Link's redesigned interface centralizes device management, screen-time controls and app restrictions, while YouTube simplifies kid account setup, adds Shorts timers and applies age-estimation and default privacy protections for under-18 creators. Additional tools include Android School time, a Gemini Guided Learning mode to promote critical thinking, and the Be Internet Awesome AI literacy guide for classrooms.
read more →

Safer Internet Day: Five Tips for Safe AI Learning

📚 Google offers five concise tips for safer, more effective learning with AI, aimed at students, parents, and educators ahead of Safer Internet Day. Recommendations include setting online/offline boundaries with tools like SafeSearch and Family Link, plus a "School time" mode for focused study. The guidance also stresses critical thinking, spotting AI content with methods such as SIFT and platform signals like About this image and SynthID, while encouraging parental involvement and programs like Be Internet Awesome.
read more →

Preparing for the Quantum Era: A Call to Secure PQC

🔐 Google issues a call to action to protect digital systems against quantum threats, outlining its post-quantum cryptography (PQC) work and policy recommendations. The company warns that large-scale quantum computers could break current public-key cryptography and cautions about 'store now, decrypt later' harvesting of encrypted data. Google commits to research transparency, completing PQC migrations within NIST guidelines, and strengthening crypto agility, critical shared infrastructure, and ecosystem readiness.
read more →

GKE Inference Gateway Cuts Latency for Vertex AI Performance

🚀 The Vertex AI team deployed the GKE Inference Gateway, built on the Kubernetes Gateway API, to reduce inference latency and improve cache efficiency without a custom scheduler. The gateway applies load-aware routing—scraping Prometheus metrics like KV cache utilization and queue depth—and content-aware routing that inspects request prefixes to send traffic to pods with warm context. In production this cut Time to First Token by ~35% for Qwen3-Coder, improved P95 by ~52% for a bursty chat model, and doubled prefix-cache hit rates from 35% to 70%.
read more →

Google Cloud Adds Anthropic Claude Opus 4.6 to Vertex AI

🚀 Google Cloud has added Anthropic's Claude Opus 4.6 to Vertex AI, extending its curated model catalog for enterprise and agentic workloads. Opus 4.6 is positioned for complex coding, polished document and spreadsheet generation, advanced tool calling, and sophisticated multi-step agents. Feature highlights include GA support for adaptive thinking, an effort parameter, 128k output tokens, and previews for a 1M context window and compaction API. Google emphasizes managed agent tooling, governance, and infrastructure to deploy Claude-powered agents at scale.
read more →

AISURU/Kimwolf Botnet Launches Record 31.4 Tbps DDoS

🚨 Cloudflare attributed a record hyper‑volumetric HTTP DDoS to the AISURU/Kimwolf botnet that peaked at 31.4 Tbps and lasted 35 seconds in November 2025. The group was also linked to a campaign codenamed The Night Before Christmas, which began on December 19, 2025, and produced averages near 3 Bpps, 4 Tbps and 54 Mrps. Google and Cloudflare disrupted the IPIDEA residential proxy network used to recruit more than 2 million Android devices.
read more →

Getting Started with Gemini 3: Google Cloud Free Trial

🔓 This article explains how to begin using Gemini 3 by activating the Google Cloud Free Trial, which grants new users $300 in credits valid for 91 days plus ongoing Free Tier usage. It walks through eligibility checks, signing in with a Google Account, accepting terms, and completing identity verification with a payment method (you are not charged automatically). The post highlights useful Free Tier limits — including Cloud Run, Compute Engine, Cloud Storage, and BigQuery — and shows how to enable billing, import the Cloud Project into Google AI Studio, create a project-attached API key, and call Nano Banana Pro and other Gemini Pro models.
read more →

Agent Factory Recap: Build an AI Workforce with Gemini

🤖 Google’s Agent Factory episode demonstrates how Gemini 3, the Gemini CLI, and Antigravity enable rapid creation of agentic workflows and lightweight “AI employees.” Smitha Kolan, Vlad Kolesnikov, and guest Brandon Hancock present live demos building a portfolio site, parallel market-research agents, and a video-generating agent. The session highlights multimodal prompting, SOP-driven automation, parallel execution, and one-click deployment to Cloud Run.
read more →

Former Google Engineer Guilty of Stealing AI Secrets

🔒 A former Google engineer, Linwei Ding, was convicted by a US federal jury on 14 counts, including economic espionage and theft of trade secrets, after allegedly exfiltrating over 2,000 pages of sensitive AI technical documents. Prosecutors say he copied data into Apple Notes, converted it to PDFs, and uploaded the materials to a personal Google Cloud account to evade DLP controls. The stolen IP involved custom TPU and GPU orchestration software and SmartNIC designs intended for AI supercomputers, and the DoJ alleges Ding planned to support Chinese state-affiliated entities.
read more →

Former Google Engineer Convicted for Stealing AI Data

🔒 A U.S. jury has convicted Linwei Ding, a former software engineer at Google, for stealing confidential AI supercomputer information and covertly sharing it with China-based technology firms. Prosecutors say Ding exfiltrated more than 2,000 pages of proprietary material — including details about TPU and GPU systems, orchestration software, and SmartNIC networking — by uploading files to his personal cloud account between May 2022 and April 2023. He later founded Shanghai Zhisuan Technology Co., sought government talent programs, and was convicted on multiple counts of economic espionage and trade secret theft after an 11-day San Francisco trial.
read more →

Ex-Google Engineer Convicted for Stealing AI Trade Secrets

🛡️ Linwei Ding, a former Google engineer, was convicted by a federal jury on multiple counts of economic espionage and theft of trade secrets after allegedly taking more than 2,000 confidential documents tied to Google's AI infrastructure and chip designs. Prosecutors say the material included details on Google's TPU and GPU architectures, Cluster Management System software, and custom SmartNICs used in AI supercomputers. Authorities allege the theft occurred between May 2022 and April 2023 and that Ding copied files to personal accounts and founded a China-based startup while still employed by Google. He faces significant federal prison terms if sentenced.
read more →

Google Disrupts IPIDEA Residential Proxy Network at Scale

🔒 Google Threat Intelligence Group, working with industry partners, disrupted the IPIDEA residential proxy network by taking down domains, infected-device management systems, and proxy-traffic routing infrastructure. The operation targeted SDKs embedded in at least 600 trojanized Android apps and over 3,000 malicious Windows binaries, which collectively enrolled about 6.7 million devices worldwide. GTIG reported that more than 550 distinct threat groups abused IPIDEA for account takeovers, credential theft, botnet control, and DDoS support; users should avoid untrusted VPNs and apps that pay for bandwidth.
read more →

Google and Partners Disrupt Major Residential Proxy Network

🔍 Google and industry partners have disrupted IPIDEA, a large residential proxy network used to conceal malicious activity. The operation combined court action to seize domains with intelligence-sharing and platform enforcement, including expanded protections in Google Play Protect that remove apps embedding IPIDEA SDKs and block further installs. Google reports these steps have reduced the pool of proxy devices by millions and expect knock-on effects across reseller-linked services. The network’s SDKs were tied to multiple botnets and used by numerous threat actors to obscure follow-on attacks.
read more →

Google Cloud Brings Conversational Analytics to BigQuery

🔍 Conversational Analytics in BigQuery (preview) brings an AI-powered reasoning agent into BigQuery Studio, enabling users to query, visualize, and forecast directly with natural language. The agent generates and executes SQL grounded in your schema, metadata, and verified queries, and it exposes the SQL and reasoning behind each answer to build trust. Security, governance, and audit logging are enforced by BigQuery’s compliance controls, and the feature also supports unstructured data and API integration for custom agents.
read more →

Google Cloud releases Vertex AI .NET extensions (preview)

🚀 Google.Cloud.VertexAI.Extensions brings Microsoft.Extensions.AI abstractions to .NET developers, enabling access to Google Gemini models on Vertex AI via a unified API. The preview package implements core interfaces — IChatClient, IEmbeddingGenerator, and an experimental IImageGenerator — and supports chat, streaming responses, embeddings, and image generation samples. It targets developers who want provider-agnostic integration and invites feedback while in pre-release.
read more →