All news with #google tag

🔒 Google describes five coordinated approaches to reduce scams and fraud, presented at the EMEA Anti-Scams and Fraud Summit hosted by the Google Safety Engineering Center in Zurich. The company highlights AI-powered defenses that block spam, malware and policy-violating ads, plus on-device scam detection in Phone by Google. It also emphasizes user tools, education through Be Scam Ready, cross-platform threat-data sharing via the Global Signal Exchange, and partnerships with law enforcement to disrupt criminal networks.

🔒 Apple and Google have initiated a beta rollout of end-to-end encrypted RCS messaging between iPhone and Android devices, closing a long-standing interoperability gap. The feature requires iOS 26.5 on supported iPhones and the latest Google Messages on Android, with carrier activation determining availability. Encryption is enabled by default, marked by a lock icon, and the rollout implements the GSMA Universal Profile 3.0 with MLS.

🔐 Apple released iOS 26.5, adding beta support to enable end-to-end encryption for RCS messages across iPhone and Android devices when used with supported carriers and the latest Google Messages. The feature is enabled by default for new and existing conversations and displays a lock icon to indicate encryption. Apple and GSMA say this is part of a cross‑industry effort to modernize SMS. The update also patches over 50 vulnerabilities in iOS and iPadOS.

🔷 Google presents a cluster-level reliability framework for TPU superpods that treats thousands of chips as collective units rather than independent instances. The framework replaces instance-level MTBF thinking with a probabilistic, topology-aware model (binomial distribution) to guarantee contiguous healthy cubes for massive training runs. Using Ironwood, Google shows a 95% confidence block of 130/144 cubes—an 8,320-chip domain—while allowing remaining capacity for heterogeneous workloads. Combined with framework resilience and multi-tier checkpointing, this model is engineered to maximize scheduling goodput for hero jobs.

🔐 At Google Cloud Next, Google outlined a resilient, scalable, and secure foundation to accelerate public sector adoption of the agentic era, highlighting infrastructure, data, and security innovations. Key infrastructure announcements include the AI Hypercomputer with eighth-generation TPUs (TPU 8t for training, TPU 8i for inference) and Virgo Networking, plus Google Distributed Cloud bringing Gemini to where data resides. On data, an AI-native architecture features Knowledge Catalog (FedRAMP High, DoD IL4 & IL5) and a cross-cloud Lakehouse to ground agents in trusted context. Security advances combine Google Threat Intelligence with Wiz, authorize Cloud Armor and Model Armor, and add defensive agents to protect models and sensitive data.

🛡️ Google disclosed detection of an unknown threat actor using a zero-day exploit likely developed with an AI model, marking the first observed malicious application of AI for vulnerability discovery and exploit generation. GTIG said the exploit was a Python script implementing a 2FA bypass in a widely used open-source web administration tool and contained hallmarks of LLM-generated code. Google worked with the vendor to patch the flaw, disabled malicious assets, and linked the activity to a broader set of AI-enabled abuse campaigns including the Android backdoor PromptSpy.

🔍 Google Threat Intelligence Group (GTIG) reports a rapid shift from nascent AI-enabled operations to industrial-scale use of generative models by threat actors. Based on Mandiant incident response, Gemini telemetry, and GTIG research, the report documents AI-assisted zero-day exploit development, autonomous malware like PROMPTSPY, and advanced obfuscation techniques. It highlights supply chain targeting of AI environments, anonymized premium LLM access, and specific interest from PRC- and DPRK-linked clusters. The report also outlines mitigations and defensive AI uses.

🔍 Google’s Threat Intelligence Group (GTIG) reports the first observed case of cybercriminals using AI to discover and weaponize a zero-day, targeting a popular open-source web-based system administration tool to bypass two-factor authentication. GTIG worked with the vendor to close the flaw and disrupt the campaign. Forensic analysis of the Python exploit showed AI-like traits—structured docstrings, Pythonic formatting, and a hallucinated CVSS score. Google noted the attackers did not use Gemini or Anthropic Mythos.

🔍 The Google Threat Intelligence Group (GTIG) reported the first confirmed instance of an AI-crafted zero-day exploit observed in the wild. The researchers identified a Python-based exploit that bypasses two-factor authentication in an open-source web administration tool and disclosed the flaw to the vendor to limit mass exploitation. GTIG found artifacts in the code—help text, a hallucinated CVSS score and textbook LLM-style constructs—consistent with large language model generation, and noted broader AI abuse by threat actors including misuse of Gemini and agentic tooling.

🚀 The Gemini CLI CI/CD extension lets developers deploy functional apps directly from a terminal, closing the gap between local prototyping and production pipelines. It performs a pre-deployment secret scan, analyzes project files, and can containerize using buildpacks before deploying to Cloud Run or Cloud Storage. For production workflows it can design CI/CD pipelines, provision resources, and generate Cloud Build YAML and triggers.

🚀 Google Cloud has reworked GKE node provisioning to deliver up to 4× faster node startup for qualifying nodes, reducing cold-start latency out of the box. This architectural upgrade combines intelligent compute buffers, fast-starting virtual machines, and a redesigned control plane so clusters scale more quickly without any customer configuration. The improvement is live for GKE Autopilot on select NVIDIA and general-purpose instance types, lowering the need to over-provision and speeding AI inference.

🔒Google has increased maximum payouts for its vulnerability reward programs, raising the top prize to $1.5 million. The new maximum applies to critical issues impacting Android, with reports indicating the full amount requires compromising the Pixel Titan M2 security chip. Rewards for vulnerabilities in Chrome now top out at $250,000. Since launching its programs in 2010, Google has paid $81.6 million to researchers.

🔐 Google outlines five practical tools to make Google Account sign‑ins simpler and more secure on World Password Day 2026. Highlights include Passkeys (device-based sign-in using fingerprint, face, or PIN), recommended pairing with 2-Step Verification, and the ability to add up to 10 Recovery Contacts for account recovery. The post also promotes Sign in with Google to reduce password proliferation and Google Password Manager to create, save, sync, and autofill strong passwords and passkeys.

🔒 The Center for AI Standards and Innovation (CAISI), part of the Department of Commerce’s NIST, has secured agreements with Google DeepMind, Microsoft, and xAI to conduct pre-deployment evaluations and targeted research on frontier AI models. These accords expand an existing program that already includes Anthropic and OpenAI and are intended to provide vendors with safety feedback before public release. Microsoft described the partnerships as essential to building trust in advanced systems, while CAISI emphasized continuous evaluation to advance AI security and standards.

⚡ Google reports a 6x speedup migrating production models from TensorFlow to JAX using a specialized multi-agent AI system. The architecture pairs deterministic static analysis with three coordinated agents—Planner, Orchestrator, and Coder—plus hierarchical Playbooks to manage large, multi-file repositories. The pipeline enforces mathematical equivalence via algorithmic checks and applies blind LLM audits, reducing months of manual migration work to weeks of AI-assisted code generation followed by expert review.

🔒 Google has been named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies. The company highlights a unified ecosystem combining Mandiant, VirusTotal, Google infrastructure visibility and Gemini-powered agentic intelligence to detect and preempt threats. Google reports high signal accuracy, turnkey integrations with Security Operations, and combined human expertise to reduce false positives and accelerate response.

🔐 Google has expanded Binary Transparency for Android to publish a cryptographic, append-only ledger that records production Google app binaries and Mainline modules. Beginning May 1, 2026, supported production apps will have public ledger entries to attest authenticity. Google is also providing verification tooling so users and researchers can confirm software integrity and detect unauthorized or "one-off" builds.

🤖 Join hands-on developer workshops across North America that teach secure, scalable deployment of agentic AI for enterprises. These sessions are practical, bring-your-laptop labs where Platform, Security, and Data practitioners build end-to-end solutions, including GKE cluster hardening, secure sandboxing, and governed data pipelines. Tracks cover GKE + Data and Data Engineering & Analytics, with guidance from Google experts. Attendees leave with runnable labs and operational best practices to accelerate production adoption.

🤖 Gemma 4, released by Google DeepMind, is a new family of open models optimized for local and mobile deployment. The family emphasizes intelligence per parameter, offering ultra-mobile E2B/E4B sizes, a 31B dense model for local GPUs, and a 26B Mixture-of-Experts variant. The shift to an Apache 2 license plus tools like the Agent Development Kit enables offline agentic workflows and commercial use by developers and startups.

🔐Google updated its Android and Chrome vulnerability rewards, increasing top-tier payouts for the most difficult exploits while lowering awards for issues AI has made easier to find. The highest Android prize is $1.5 million for zero-click, full-chain persistent exploits against a Pixel Titan M2 security chip, with $750,000 for non-persistent variants. For Chrome, full-chain browser process exploits pay up to $250,000 plus a $250,128 bonus for exploiting MiraclePtr-protected allocations; Google also narrows Android scope to Linux kernel bugs in Google-maintained components unless concrete device exploitability is shown.