All news with #google tag

🚀 Gemini Enterprise launches a curated ecosystem of partner-built AI agents that integrate with Google Cloud to deliver validated, secure solutions for enterprise workflows. The platform supports Agent2Agent (A2A) communication and includes a Gemini-powered AI agent finder for natural language discovery and filtering by industry, use case, and validation status. A broad set of technology and consulting partners — from Box and Salesforce to ServiceNow, Workday, and Accenture — are bringing agents and services to the Google Cloud Marketplace to accelerate deployment and adoption.

🛡️ Modern cloud work lives across email, files, chat, and a mesh of integrations, and attackers increasingly exploit trusted OAuth grants rather than compromising accounts directly. In early August the actor behind recent Salesforce intrusions used stolen Drift email tokens to access a small set of Google Workspace mailboxes; Google revoked the tokens and disabled the integration on August 9. Material Security advocates shifting from perimeter-only defenses to content-centric controls such as message-level MFA, OAuth governance, and automated containment to make stolen tokens far less damaging.

🛠️ Google’s DeepMind unveiled CodeMender, an AI agent that automatically detects, patches, and rewrites vulnerable code to remediate existing flaws and prevent future classes of vulnerabilities. Backed by Gemini Deep Think models and an LLM-based critique tool, it validates changes to reduce regressions and self-correct as needed. DeepMind says it has upstreamed 72 fixes to open-source projects so far and will engage maintainers for feedback to improve adoption and trust.

🛡️ Google has launched a new AI Vulnerability Reward Program to incentivize security researchers to find and report flaws in its AI systems. The program targets high-impact vulnerabilities across flagship offerings including Google Search, Gemini Apps, and Google Workspace core apps, and also covers AI Studio, Jules, and other AI integrations. Rewards scale with severity and novelty—up to $30,000 for exceptional reports and up to $20,000 for standard flagship security flaws. Additional bounties include $15,000 for sensitive data exfiltration and smaller awards for phishing enablement, model theft, and access control issues.

🔧 Google DeepMind has unveiled CodeMender, an autonomous agent built on Gemini Deep Think models that detects, debugs and patches complex software vulnerabilities. In the last six months it produced and submitted 72 security patches to open-source projects, including codebases up to 4.5 million lines. CodeMender pairs large-model reasoning with advanced program-analysis tooling — static and dynamic analysis, differential testing, fuzzing and SMT solvers — and a multi-agent critique process to validate fixes and avoid regressions. DeepMind says all patches are currently human-reviewed and it plans to expand maintainer outreach, release the tool to developers, and publish technical findings.

🛠️ This article presents five practical best practices to get better results from AI coding assistants. Based on engineering sprints using Gemini CLI, Gemini Code Assist, and Jules, the recommendations cover choosing the right tool, training models with documentation and tests, creating detailed execution plans, prioritizing precise prompts, and preserving session context. Following these steps helps developers stay in control, improve code quality, and streamline complex migrations and feature work.

🔒 Google announced a set of AI security measures: the AI-powered agent CodeMender, a dedicated AI Vulnerability Reward Program (AI VRP), and Secure AI Framework 2.0 (SAIF 2.0). CodeMender leverages advanced reasoning to find, self-validate, and propose patches at scale. SAIF 2.0 introduces an agent risk map and secure-by-design controls, while the AI VRP centralizes reporting and incentives to accelerate remediation.

🔒 Google announced three major AI security initiatives: CodeMender, a dedicated AI Vulnerability Reward Program (AI VRP), and the updated Secure AI Framework 2.0. CodeMender is an AI-powered agent built on Gemini that performs root-cause analysis, generates self-validated patches, and routes fixes to automated critique agents to accelerate time-to-patch across open-source projects. The AI VRP consolidates abuse and security reward tables and clarifies reporting channels, while SAIF 2.0 extends guidance and introduces an agent risk map and security controls for autonomous agents.

🔗 Google has released an open-source Python library, Dataproc ML, to streamline running ML and generative-AI inference from Apache Spark on Dataproc. The library uses a SparkML-style builder pattern so users can configure a model handler (for example, GenAiModelHandler) and call .transform() to apply Gemini or other Vertex AI models directly to DataFrames. It also supports loading PyTorch and TensorFlow model artifacts from GCS for large-scale batch inference and includes performance optimizations such as vectorized data transfer, connection reuse, and automatic retry/backoff.

🔒 Gmail enterprise users can now send end-to-end encrypted emails to recipients on any email platform by enabling the Additional encryption option when composing a message. Non-Gmail recipients receive a secure link to view and reply via a guest Google Workspace account, while Workspace-to-Workspace messages decrypt automatically for subscribers. The feature uses client-side encryption (CSE) so organizations can hold keys outside Google's servers to support data sovereignty and regulatory controls. Google began beta testing in April 2025 and will roll the feature out to Enterprise Plus customers with the Assured Controls add-on.

🔒 Google Pixel phones have been added to the DoDIN APL, allowing federal agencies to procure devices that meet Department of Defense network security requirements. Pixel 9 hardware and integrated on-device protections combine with Google Cloud for secure remote management, 5G connectivity, and AI-enabled workflows. Use cases include secure field capture, centralized analytics, and pilots such as TrackInspect for transit infrastructure safety.

⚠️ F-Droid warns that Google’s planned Developer Verification rule — requiring identity verification for all developers on certified Android devices starting in 2026 — could effectively end the project and restrict access to many free, open-source apps. F-Droid, which builds reproducible packages, checks for trackers and allows anonymous downloading without accounts, says many open-source authors will refuse to register or pay fees and that F-Droid cannot seize app identifiers on their behalf. Google says sideloading will remain possible for verified developers, with exemptions for hobbyists and no change to Android Studio workflows.

🔒 Google has begun rolling out an AI-powered ransomware detection feature for Google Drive for desktop. The feature automatically pauses syncing of affected files on Windows and macOS when it detects signs of ransomware, protecting cloud copies though it does not prevent local file encryption. Administrators may disable detection or file restoration via the Admin console, and alerts require Drive version 114 or later.

🔎 Google added two BigQuery tools—ask_data_insights and BigQuery Forecast—to the MCP Toolbox and the Agent Development Kit (ADK) to enable conversational analytics and time-series predictions for agents. ask_data_insights uses the Conversational Analytics API to interpret plain-English questions, generate and run queries, and return summarised answers with a step‑by‑step log for transparency. BigQuery Forecast leverages BigQuery ML’s TimesFM model via AI.FORECAST so agents can run forecasting jobs directly inside BigQuery without separate ML infrastructure.

🔒 Cybersecurity researchers disclosed three now-patched vulnerabilities in Google's Gemini suite that could have exposed user data and enabled search- and prompt-injection attacks. The flaws, labeled the Gemini Trifecta, impacted Gemini Cloud Assist, the Search Personalization model, and the Browsing Tool. Following responsible disclosure, Google stopped rendering hyperlinks in log summaries and implemented additional hardening. Tenable warned these issues could have allowed covert exfiltration of saved user information and location data.

⚠️Tenable has revealed three vulnerabilities in Google's Gemini platform, collectively dubbed the "Gemini Trifecta," that enable indirect prompt injection and data exfiltration through integrations. The issues allow attackers to poison GCP logs consumed by Gemini Cloud Assist, inject malicious entries into Chrome search history to manipulate the Search Personalization Model, and coerce the Browsing Tool into fetching attacker-controlled URLs that leak sensitive query data. Google has patched the flaws, and Tenable urges security teams to treat AI integrations as active threat surfaces and implement input sanitization, output validation, monitoring, and regular penetration testing.

🚀 The U.S. Air Force, working with Google Public Sector and GDIT, deployed the Google Distributed Cloud air-gapped appliance to run classified workloads at the tactical edge in DDIL environments. The rugged, transportable system demonstrated secure, Zero Trust-capable processing up to Secret, delivering on-device AI for transcription, OCR, translation, and summarization during Mobility Guardian 2025 in Guam. It also supported containerized IL2 collaboration, Luna AI integration for low-latency air-defense data, a Jupyter-based edge dev environment, and AI-enabled tele-maintenance to convert manuals and visual data into actionable maintenance insights.

🚀 TELUS modernized its global digital workplace by deploying ChromeOS, Google Workspace, Cameyo, and Chrome Enterprise Premium to create a browser-first, zero-trust app streaming platform. The TELUS Desktop Stream replaced costly VDI, avoided a $15 million infrastructure refresh, and cut login times by threefold. More than 100 applications now run through Cameyo, improving call-center throughput and agent productivity. IT teams report simplified management, stronger contextual security, and reduced reliance on VPNs.

🚀 Searce, a Google Cloud Premier partner, has completed over 1,000 migrations and highlights measurable gains in reliability, cost, and performance for enterprise customers. Using GKE, GKE Autopilot, GKE Gateway Controller and Google Cloud platform services, Searce reports improvements such as 25% better reliability, 50% lower TCO, and up to 30% performance gains, with significant reductions in downtime during migrations.

🔐 Chinese state-linked actors deployed a custom Linux/BSD backdoor called BRICKSTORM on network edge appliances to maintain persistent access into U.S. legal, technology, SaaS and outsourcing firms. These implants averaged 393 days of undetected dwell time and were used to pivot to VMware vCenter/ESXi hosts, Windows systems, and Microsoft 365 mailboxes. Mandiant and Google TAG attribute the activity to UNC5221 and have released a scanner and hunting guidance to locate affected appliances.