All news with #google tag

Container-Optimized Compute Delivers Fast Autopilot Scaling

🚀 GKE Autopilot now runs on a container-optimized compute platform that rethinks autoscaling to deliver near-real-time capacity. The platform uses dynamically resizable VMs and a pool of pre-provisioned compute so nodes can be resized or allocated without disrupting workloads. Customers on GKE Autopilot 1.32+ get faster pod scheduling, improved HPA responsiveness, and support for in-place pod resize out of the box. Google recommends the general purpose compute class for small, gradually scaling services.

Cloud CISO Perspectives: Fighting Cyber-Enabled Fraud

🔒 David Stone and Marina Kaganovich from Google Cloud’s Office of the CISO warn that cyber-enabled fraud (CEF) is scaling rapidly and presents severe financial and reputational risk. The post cites FBI data — $13.7 billion in losses in 2024 — and highlights common tactics such as phishing, ransomware, account takeover, and business email compromise. It urges CISOs and boards to shift from siloed defenses to a proactive, enterprise-wide posture using frameworks like FS-ISAC’s Cyber Fraud Prevention Framework and Google Cloud detection and protection capabilities.

Gemini Available On-Premises with Google Distributed Cloud

🚀 Gemini on Google Distributed Cloud (GDC) is now generally available for customers, bringing Google’s advanced Gemini models on‑premises with GA for air‑gapped deployments and a connected preview. The solution provides managed Gemini endpoints with zero‑touch updates, automatic load balancing and autoscaling, and integrates with Vertex AI and preview agents. It pairs Gemini 2.5 Flash and Pro with NVIDIA Hopper and Blackwell accelerators and includes audit logging, access controls, and support for Confidential Computing (Intel TDX and NVIDIA) to meet strict data residency, sovereignty, and compliance requirements.

Google for Startups: 2025 Brazilian AI First Cohort

🚀 Google has announced the 2025 Brazilian cohort for the Google for Startups Accelerator: AI First, selecting 11 companies applying AI across finance, health, marketing, and agriculture. The program begins on September 2 and will provide personalized technical and strategic support, including mentorship and access to Google's AI experts. The cohort spans solutions for automated billing and claims, digital pathology, agroforestry intelligence, creator marketing, legal automation, treasury automation, and AI-driven children's storytelling.

Total Economic Impact of ChromeOS: ROI, Savings, Security

📊 Google commissioned a Forrester Total Economic Impact™ study to quantify the value of ChromeOS for enterprise deployments. The analysis modeled a composite organization (multinational, $5B revenue, 40,000 employees) and found a 208% ROI over three years, an NPV of $6.8M, and a payback period under six months. Key benefits included 90,000 saved productivity hours, $1.3M in device and licensing savings, $1.2M from strengthened security, and $1.1M in reduced IT support costs.

Google Named a Leader in IDC Incident Response 2025

🔒 Google has been named a Leader in the IDC MarketScape: Worldwide Incident Response 2025, recognizing Mandiant—now integrated into Google Cloud Security—for its decades of incident response expertise. The report praises Mandiant’s "team of teams" model, rapid crisis communications capability, and integration with Google's SecOps platform. Proprietary tools like FACT and Monocle and combined threat intelligence with VirusTotal enhance enterprise-scale investigations.

GKE Turns Ten: New Pricing, Autopilot Enhancements

🎉 Google marks the tenth anniversary of Google Kubernetes Engine (GKE) by simplifying pricing and expanding capabilities. Starting September 2025, GKE moves to a single paid tier, GKE Standard, which includes multi-cluster features such as Fleets, Teams, Config Management, and Policy Controller at no extra cost, with additional capabilities available à la carte. Google is also making Autopilot toggleable per cluster and per workload and promoting a container-optimized compute platform designed to increase efficiency and performance for AI and large-scale services.

Gemini 2.5 Flash Image Arrives on Vertex AI Preview

🖼️ Google announced native image generation and editing in Gemini 2.5 Flash Image, now available in preview on Vertex AI. The model delivers state-of-the-art capabilities including multi-image fusion, character and style consistency, and conversational editing to refine visuals via natural-language loops. Built-in SynthID watermarking supports responsible, transparent use. Developers and partners report promising integrations and low-latency performance for real-time editing workflows.

Google to Verify Android Developers in Four Countries

🛡️ Google will require identity verification for all developers who distribute Android apps, including those that sideload software outside the Google Play ecosystem. Invitations begin October 2025, verification opens to all developers in March 2026, and enforcement starts September 2026 in Brazil, Indonesia, Singapore, and Thailand. The policy aims to curb impersonation, stop repeat malicious actors, and strengthen developer accountability while preserving user choice.

vLLM Performance Tuning for xPU Inference Configs Guide

⚙️ This guide from Google Cloud authors Eric Hanley and Brittany Rockwell explains how to tune vLLM deployments for xPU inference, covering accelerator selection, memory sizing, configuration, and benchmarking. It shows how to gather workload parameters, estimate HBM/VRAM needs (example: gemma-3-27b-it ≈57 GB), and run vLLM’s auto_tune to find optimal gpu_memory_utilization and throughput. The post compares GPU and TPU options and includes practical troubleshooting tips, cost analyses, and resources to reproduce benchmarks and HBM calculations.

Phishing Campaign Exploits Google Classroom: 115K Emails

📚 Check Point researchers uncovered a large-scale phishing campaign that abused Google Classroom to deliver more than 115,000 malicious emails in five coordinated waves over a single week. Attackers used fake classroom invitations carrying unrelated commercial offers to trick recipients across Europe, North America, the Middle East and Asia. The campaign targeted roughly 13,500 organizations and highlights risks when trusted collaboration tools are weaponized.

Smashing Security #430: Poisoned Calendar Invites & ChatGPT

📅 In episode 430 of Smashing Security, host Graham Cluley and guest Dave Bittner examine a range of security stories, led by a proof‑of‑concept attack that weaponises Google Calendar invites to trigger smart‑home actions. They also cover a disturbing incident where ChatGPT gave dangerous advice that led to hospitalization and discuss the new Superman trailer. The episode blends technical detail with accessible commentary and practical warnings for listeners.

Android pKVM Achieves SESIP Level 5 Certification Milestone

🔒 Google announced that protected KVM (pKVM) has achieved SESIP Level 5 certification, making it the first software security system for large-scale consumer electronics to reach this assurance. The certification followed a hands-on evaluation by Dekra under the TrustCB SESIP scheme compliant to EN-17927 and includes AVA_VAN.5 vulnerability analysis. pKVM will enable high-criticality isolated workloads such as on-device AI and provides an open-source, verifiable foundation for device manufacturers.

Google July AI updates: tools, creativity, and security

🔍 In July, Google announced a broad set of AI updates designed to expand access and practical value across Search, creativity, shopping and infrastructure. AI Mode in Search received Canvas planning, Search Live video, PDF uploads and better visual follow-ups via Circle to Search and Lens. NotebookLM added Mind Maps, Study Guides and Video Overviews, while Google Photos gained animation and remixing tools. Research advances include DeepMind’s Aeneas for reconstructing fragmentary texts and AlphaEarth Foundations for satellite embeddings, and Google said it used an AI agent to detect and stop a cybersecurity vulnerability.

OSS Rebuild: Reproducible Builds to Harden Open Source

🔐 Google’s Open Source Security Team today announced OSS Rebuild, a new project to reproduce upstream artifacts and supply SLSA-grade provenance for popular package ecosystems. The service automates declarative build definitions and reproducible builds for PyPI, npm, and Crates.io, generating attestations that meet SLSA Build Level 3 requirements without requiring publisher changes. Security teams can use the project to verify published artifacts, detect unexpected embedded source or build-time compromises, and integrate the resulting provenance into vulnerability response workflows. The project is available as a hosted data set and as open-source tooling and infrastructure for organizations to run their own rebuild pipelines.

Google rolls out age assurance to protect U.S. youth

🛡️ Over the coming weeks Google will begin a limited U.S. rollout of age assurance, a system designed to distinguish users under 18 from adults and apply age-appropriate protections across its products. For accounts identified as minors Google will enable defaults such as YouTube Digital Wellbeing tools, disable Maps Timeline, turn off personalized advertising, and block adult-only apps on Google Play. The approach combines machine-learning age estimation based on existing account signals with optional age verification — including a government ID or a selfie — when users dispute their estimated age, and Google will notify users and provide options for adult verification.

Google Files Lawsuit to Dismantle BadBox 2.0 Botnet

🔒 Google has filed a lawsuit in New York federal court targeting the operators of the BadBox 2.0 botnet, which compromised over 10 million uncertified devices running the Android Open Source Project. In partnership with HUMAN Security and Trend Micro, Google’s Ad Traffic Quality team identified preinstalled malware used for large-scale ad fraud and other illicit activity. Google updated Play Protect to automatically block BadBox-associated apps and is coordinating with the FBI to further disrupt the criminal operation.

Chrome on Android: Advanced Protection Enhancements

🔒 Android's Advanced Protection extends Google's device-level security and integrates with Chrome on Android, enabling three core protections to guard high-risk users such as journalists and officials. It forces HTTPS via the Always Use Secure Connections mode, turns on full Site Isolation for devices with 4GB+ RAM, and reduces attack surface by disabling V8's higher-level JavaScript optimizers. Settings are available on Android 16 in Chrome 137+, and enterprises can control behaviors via policies while affected users should enable automatic updates and join the Advanced Protection Program for maximum defense. These measures trade some performance for stronger exploitation resistance.

Google Open-Sources ZKP Libraries for Age Assurance

🛡️ Google has open sourced its Zero-Knowledge Proof (ZKP) libraries to accelerate privacy-preserving digital ID and age-assurance solutions. Developed with Sparkasse, the release enables people to prove attributes (for example, that they are over 18) without sharing any other personal data. By making a performant ZKP codebase available, Google aims to help developers, researchers, businesses, and governments integrate privacy-first flows, including use cases for the European EUDI Wallet.

Sparkasse Partners with Google for EU Age Assurance

🔐 Google and Germany’s Sparkasse announced a wallet-based EU age assurance service that lets customers prove age online without sharing personal data. Using the Credential Manager API, Google Wallet and zero-knowledge cryptography, Sparkasse will issue trusted credentials across its network of 343 regional savings banks serving 50 million customers. Integration with Android and Chrome enables one-click age checks for apps and sites and will roll out in the coming months.