< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 23 of 30

GTIG Report: AI-Enabled Threats Transform Cybersecurity

🔒 The Google Threat Intelligence Group (GTIG) released a report documenting a clear shift: adversaries are moving beyond benign productivity uses of AI and are experimenting with AI-enabled operations. GTIG observed state-sponsored actors from North Korea, Iran and the People's Republic of China using AI for reconnaissance, tailored phishing lure creation and data exfiltration. Threats described include AI-powered, self-modifying malware, prompt-engineering to bypass safety guardrails, and underground markets selling advanced AI attack capabilities. Google says it has disrupted malicious assets and applied that intelligence to strengthen classifiers and its AI models.
read more →

GTIG Report: Adversaries Experimenting with AI Tools

🛡️ The Google Threat Intelligence Group (GTIG) released a November 2025 report describing how adversaries are evolving beyond productivity uses of AI to operationalize novel offensive capabilities. GTIG observed state-sponsored actors (including North Korea, Iran, and the People’s Republic of China) and criminal groups using AI for reconnaissance, tailored phishing-lure generation, prompt-based guardrail evasion, and AI-powered polymorphic malware. Google reports it has disabled malicious assets and applied this intelligence to strengthen both its classifiers and AI model defenses.
read more →

Cloud CISO: Threat Actors' Growing Use of AI Tools

⚠️Google's Threat Intelligence team reports a shift from experimentation to operational use of AI by threat actors, including AI-enabled malware and prompt-based command generation. GTIG highlighted PROMPTSTEAL, linked to APT28 (FROZENLAKE), which queries a Hugging Face LLM to generate scripts for reconnaissance, document collection, and exfiltration, while adopting greater obfuscation and altered C2 methods. Google disabled related assets, strengthened model classifiers and safeguards with DeepMind, and urges defenders to update threat models, monitor anomalous scripting and C2, and incorporate threat intelligence into model- and classifier-level protections.
read more →

GTIG: Threat Actors Shift to AI-Enabled Runtime Malware

🔍 Google Threat Intelligence Group (GTIG) reports an operational shift from adversaries using AI for productivity to embedding generative models inside malware to generate or alter code at runtime. GTIG details “just-in-time” LLM calls in families like PROMPTFLUX and PROMPTSTEAL, which query external models such as Gemini to obfuscate, regenerate, or produce one‑time functions during execution. Google says it disabled abusive assets, strengthened classifiers and model protections, and recommends monitoring LLM API usage, protecting credentials, and treating runtime model calls as potential live command channels.
read more →

Building Collaborative AI with ADK: A Developer’s Guide

🧭 This guide summarizes Multi-Agent System (MAS) fundamentals and explains how Google’s Agent Development Kit (ADK) helps developers assemble cooperating agents to solve complex tasks. It outlines three agent roles — LLM Agents for reasoning, Workflow Agents for orchestration, and Custom Agents for bespoke logic — and describes hierarchical organization and orchestration patterns (sequential, parallel, loop). The post also reviews communication options (shared state, LLM delegation, explicit invocation) and points developers to samples and codelabs for rapid prototyping.
read more →

October 2025 Google AI: Research, Products, and Security

📰 In October, Google highlighted AI advances across research, consumer devices and enterprise tools, from rolling out Gemini for Home and vibe coding in AI Studio to launching Gemini Enterprise for workplace AI. The month included security initiatives for Cybersecurity Awareness Month—anti‑scam protections, CodeMender and the Secure AI Framework 2.0—and developer releases like the Gemini 2.5 Computer Use model. Research milestones included a verifiable quantum advantage result and an oncology-focused model, Cell2Sentence-Scale, aimed at accelerating cancer therapy discovery.
read more →

Google AI October 2025: Gemini, Research, and Tools

🤖 October updates feature major product releases, developer tools, and research milestones from Google, centered on Gemini models and new AI capabilities. Highlights include Gemini Enterprise, the Gemini 2.5 Computer Use model for UI agents, plus consumer integrations such as Gemini for Home and Samsung's Galaxy XR. The month also brought breakthroughs in quantum computing, cancer research (Cell2Sentence-Scale) and fusion-energy collaborations, alongside expanded AI security measures and developer learning resources.
read more →

Google AI 'Big Sleep' Finds Five WebKit Flaws in Safari

🔒 Google’s AI agent Big Sleep reported five vulnerabilities in Apple’s WebKit used by Safari, including a buffer overflow, two memory-corruption issues, an unspecified crash flaw, and a use-after-free (CVE-2025-43429 through CVE-2025-43434). Apple issued patches across iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, visionOS 26.1 and Safari 26.1. Users are advised to install the updates promptly to mitigate crash and memory-corruption risks.
read more →

BigQuery's Data Engineering Agent: Automating Pipelines

🔧 The preview of the Data Engineering Agent in BigQuery introduces a Gemini-powered assistant that automates pipeline development, maintenance, and migrations. The agent converts natural-language requirements into SQL, enforces engineering best practices, and supports custom instructions and UDFs to reflect organizational logic. Integrated with Dataplex, it uses governance metadata to improve table descriptions, data quality assertions, and PII-aware handling, and it also generates documentation and troubleshooting guidance. The feature is available in preview via BigQuery Pipelines and the Dataform UI.
read more →

Mercado Libre's Spanner-Based Platform for Scale and AI

🚀 Mercado Libre leverages Spanner as the core of a developer-facing platform, exposing consistent, globally-scalable transactions through its internal gateway, Fury. Fury abstracts distributed database complexity and serves both relational and key-value workloads. Integration with BigQuery via Data Boost and Change Streams enables near-real-time analytics and reverse ETL to operational systems.
read more →

OAuth Device Code Phishing: Azure vs Google Compared

🔐 Matt Kiely of Huntress examines how the OAuth 2.0 device code flow enables phishing and highlights stark differences between Microsoft and Google. He walks through the device-code attack chain — generating a device code, social-engineering a user to enter it on a legitimate site, and polling the token endpoint to harvest access and refresh tokens. The analysis shows Azure’s implementation lets attackers control client_id and resource parameters to obtain powerful tokens, while Google’s implementation restricts device-code scopes and requires app controls that significantly limit abuse. Practical examples, cURL/Python snippets, and mitigation advice are included for defenders.
read more →

Google Confirms AI Search Will Include Ads, Evolving Format

📣Google says its ad business will remain central as it integrates advertising into AI-powered search experiences. Google currently offers AI Overviews and a more capable AI Mode, and has begun limited experiments placing ads within those results. Executives say ads won't disappear but may appear differently and become more personalized based on user data. Tests and further plans are expected to continue into next year.
read more →

Log Analytics Query Builder Makes Log SQL Easier for Teams

🔍 The Log Analytics query builder in Google Cloud Console provides a UI-driven way to build and preview SQL-based log queries without hand-coding. It helps DevOps engineers, SREs, and application developers search across fields, infer JSON schemas, select nested values, and apply aggregations via an intuitive interface. Real-time SQL preview and one-click visualizations let users switch to the editor to fine-tune queries and save dashboards.
read more →

Conversational AI Agents: Designing for Retail UX, Commerce

🛍️ Google Cloud outlines UX and implementation guidance for building conversational AI agents tailored to online shopping. The article presents seven practical design principles — including multimodal input, intelligent query handling, rich visual presentation, and clear trust signals — that improve discovery and reduce friction. It highlights features like predictive assistance and contextual clarification and offers a Figma component library plus developer resources to accelerate deployment.
read more →

Google says Search AI Mode will access personal data

🔎 Google says a forthcoming AI Mode for Search could, with users' opt-in consent, access content from Gmail, Drive, Calendar and Maps to provide customized results and actions. The company is testing early experiments in Labs for personalized shopping and local recommendations, and suggests features like flight summaries, scheduling, or trip planning could leverage that data. Timing remains TBD.
read more →

How Android Uses AI to Protect Users from Scams Globally

🔒 Android applies layered Google AI to anticipate and block mobile scams before they reach users. Built-in protections—such as Google Messages spam filtering and on-device Scam Detection, plus Phone by Google automatic call blocking and Call Screen—identify conversational scam patterns and surface real-time warnings. Android blocks over 10 billion suspected malicious calls and messages monthly and recently stopped more than 100 million suspicious numbers from using RCS. Protections are ephemeral, on-device where possible, and continuously updated to adapt to evolving threats.
read more →

Google's Android AI Blocks Billions of Scam Messages

📱 Google says built-in scam defenses on Android prevent more than 10 billion suspected malicious calls and messages every month and have blocked over 100 million suspicious numbers from using RCS. The company uses on-device artificial intelligence to filter likely spam into the "spam & blocked" folder in Google Messages and recently rolled out safer link warnings for flagged messages. Analysis of user reports in August 2025 identified employment fraud as the most common scam type, while scammers increasingly employ group-message tactics and time-of-day scheduling to increase success rates.
read more →

Brash Exploit Crashes Chromium Browsers via Title API

⚠️ Security researcher Jose Pino disclosed "Brash", a severe flaw in the Blink rendering engine that can crash many Chromium-based browsers within 15–60 seconds via a single malicious URL. The root cause is missing rate limiting on the document.title API, enabling attackers to inject millions of DOM mutations per second and saturate the browser UI thread. Pino describes a three-phase technique — hash generation, burst injection, and UI-thread saturation — and warns the code can be time-triggered to act like a logic bomb. Affected products include Google Chrome, Microsoft Edge, Brave, Opera, Vivaldi, Arc, Dia, and some AI browser interfaces; Firefox and Safari are not vulnerable.
read more →

Chromium Blink flaw crashes Chrome, Edge; exploit published

⚠ A researcher, Jose Pino, published a proof-of-concept on October 29 demonstrating a Blink rendering-engine flaw that can crash Chrome, Microsoft Edge and several other Chromium-based browsers within seconds by flooding document.title updates. Pino says he reported the issue to Google on August 28 and, after no response, released the PoC to force public attention. The exploit saturates the main thread with millions of DOM mutations per second, producing rapid CPU spikes, tab freezes and eventual process termination, and it raises particular concern for headless and automated enterprise workflows.
read more →

Chrome to Enable HTTPS-First Mode by Default in 2026

🔒 Beginning in April 2026 and completing in October 2026, Google will make the Always Use Secure Connections feature the default in Chrome, attempting HTTPS for all public site navigations and prompting users before loading non-HTTPS pages. The phased rollout starts with Enhanced Safe Browsing users in Chrome 147 and expands to all global users in Chrome 154. Internal addresses such as routers and intranets will be exempt, and Google reports early tests showed warnings on fewer than 3% of navigations, typically under one alert per week, while the browser will avoid repeatedly warning about frequently visited sites.
read more →