All news with #google tag

Google Deletes X Post After Using Stolen Recipe Infographic

🧾 Google removed a promotional X post for NotebookLM after users noted an AI-generated infographic closely mirrored a stuffing recipe from the blog HowSweetEats. The card, produced using Google’s Nano Banana Pro image model, reproduced ingredient lists and structure that matched the original post. After being called out on X, Google quietly deleted the promotion; the episode highlights broader concerns about AI scraping and attribution. The company also confirmed it is testing ads in AI-generated answers alongside citations.

AWS and Google Cloud Launch Joint Multicloud Networking

🔗 AWS and Google Cloud announced a jointly engineered multicloud networking solution that integrates AWS Interconnect - multicloud with Google Cloud’s Cross-Cloud Interconnect. The collaboration introduces an open API specification to automate private, high-speed connectivity and shifts multicloud setup from physical circuits to a managed, cloud-native experience. Customers can provision dedicated bandwidth in minutes via console or API, while the service enforces quad redundancy and MACsec encryption for secure, highly available links. The APIs are published openly for other providers and partners to adopt.

Google and AWS Launch Managed Cross-Cloud Interconnect

🔗 Google Cloud and Amazon Web Services have jointly previewed the Cross‑Cloud Interconnect for AWS, a managed, on‑demand service that provisions private, secure connections between Google Cloud VPCs and AWS VPCs in minutes. The collaboration is published under an open specification to enable partner contributions and wider industry adoption. Preview bandwidth begins at 1 Gbps and will scale to 100 Gbps at GA, with MACsec encryption and managed key rotation as default security controls. The offering emphasizes simplicity, quad‑redundancy, and managed operations to reduce setup from days to minutes.

Google Antigravity AI coding tool vulnerable to exploits

⚠️ Google’s AI-assisted coding tool Antigravity, launched in early November, has a critical vulnerability discovered by researchers at Mindgard within 24 hours that can install a persistent backdoor and execute malicious code each time the application starts. The flaw arises because the assistant follows custom user rules unconditionally and gives excessive weight to rules embedded in project source, while a global configuration directory can hold files specifying arbitrary commands that are read and acted on at startup. Mindgard also identified two additional vulnerabilities that could expose user data, and no patch is yet available.

Researchers Warn of Security Risks in Google Antigravity

⚠️ Google’s newly released Antigravity IDE has drawn security warnings after researchers reported vulnerabilities that can allow malicious repositories to compromise developer workspaces and install persistent backdoors. Mindgard, Adam Swanda, and others disclosed indirect prompt injection and trusted-input handling flaws that could enable data exfiltration and remote command execution. Google says it is aware, has updated its Known Issues page, and is working with product teams to address the reports.

Hidden URL-fragment prompts can hijack AI browsers

⚠️ Researchers demonstrated a client-side prompt injection called HashJack that hides malicious instructions in URL fragments after the '#' symbol. AI-powered browsers and assistants — including Comet, Copilot for Edge, and Gemini for Chrome — read these fragments for context, allowing attackers to weaponize legitimate sites for phishing, data exfiltration, credential theft, or malware distribution. Because fragment data never reaches servers, network defenses and server logs may not detect this technique.

Gemini 3 Reframes Enterprise Perimeter and Protection

🚧 Gemini 3’s release on 18 November 2025 signals a structural shift: beyond headline performance gains, it accelerates embedding large multimodal assistants directly into enterprise workflows and infrastructure. That continuation of a trend already visible with Microsoft Copilot effectively makes AI assistants a new enterprise perimeter — changing where corporate data, identities, and controls must be enforced. Security, compliance, and IT teams need to update policies, telemetry, and incident response to this expanded boundary.

HashJack: Indirect Prompt Injection Targets AI Browsers

⚠️Security researchers at Cato Networks disclosed HashJack, a novel indirect prompt-injection vulnerability that abuses URL fragments (the text after '#') to deliver hidden instructions to AI browsers. Because fragments never leave the client, servers and network defenses cannot see them, allowing attackers to weaponize legitimate websites without altering visible content. Affected agents included Comet, Copilot for Edge and Gemini for Chrome, with some vendors already rolling fixes.

The AI Fix — Episode 78: Security, Spies, and Hype

🎧 In Episode 78 of The AI Fix, hosts Graham Cluley and Mark Stockley examine a string of headline-grabbing AI stories, from a fact-checked “robot spider” scare to Anthropic’s claim of catching an autonomous AI cyber-spy. The discussion covers Claude hallucinations, alleged state-backed misuse of US AI models, and concerns about AI-driven military systems and investor exuberance. The episode also questions whether the current AI boom is a bubble, while highlighting real-world examples like AI-generated music charting and pilots controlling drone wingmen.

Superbox Android TV Boxes Found Relaying Malicious Traffic

⚠️ Superbox media streaming boxes sold through retailers like BestBuy and Walmart have been found running intrusive, unofficial apps that can enlist buyers' Internet connections into distributed residential proxy networks and botnets. Censys researchers observed devices phoning home to Tencent QQ and a proxy service called Grass IO, and installing tools such as tcpdump and netcat while performing DNS hijacking and ARP spoofing. The boxes require removing Google Play and installing a third-party app store, increasing the risk of unauthorized relays, advertising fraud, and account takeovers. Consumers are advised to avoid uncertified Android TV devices and follow FBI and EFF guidance on suspicious app marketplaces.

Anthropic Claude Opus 4.5 Now Available on Vertex AI

🚀 Anthropic's Claude Opus 4.5 is now generally available on Vertex AI, delivering frontier performance for coding, agents, vision, and office automation at roughly one-third the cost of Opus 4.1. The model introduces advanced agentic tool use—programmatic tool calling (including direct Python execution) and dynamic tool search—plus expanded memory and a 1M-token context window to support long, multi-step tasks. On Vertex AI, Opus 4.5 is offered as a Model-as-a-Service on Google's high-performance infrastructure with prompt caching, efficient batch predictions, provisioned throughput, and enterprise-grade controls for deployment. Organizations can leverage the Agent Builder stack (ADK, A2A, and Agent Engine) and Google Cloud security controls, including Model Armor and Security Command Center protections, to accelerate production agents while managing cost and risk.

GhostAd: Hidden Google Play Adware Draining Devices

🔍 Check Point's Harmony Mobile Detection Team discovered a broad Android adware campaign on Google Play that operated as a persistent background advertising engine. Masquerading as benign utilities and emoji editors, the apps continued running after closure or reboot, quietly consuming battery and mobile data. The campaign, dubbed GhostAd, comprised at least 15 related apps, with five still available at discovery.

TalayLink Subsea Cable Connects Australia and Thailand

🌐 Today Google is announcing TalayLink, a new subsea cable that will extend the previously announced interlink cable from the Australia Connect initiative to establish a diverse path between Australia and Thailand via the Indian Ocean. The project includes planned connectivity hubs in Mandurah (Western Australia) and South Thailand, the latter in partnership with AIS, plus local landing support from IGC. These investments are designed to integrate Google Cloud’s upcoming Thailand region and data center into its global network, improving resilience, routing diversity, and onward connectivity across the Indian Ocean.

Google adds Pixel-to-iPhone file sharing via Quick Share

📱 Google has made Quick Share interoperable with Apple's AirDrop, enabling two-way file transfers between Pixel devices and iPhones starting with the Pixel 10 family. The implementation uses AirDrop's "Everyone for 10 minutes" direct, device-to-device mode with no server intermediaries. Google says it applied threat modeling, internal security and privacy reviews, Rust parsing to reduce memory risks, and independent NetSPI testing. Users must manually confirm recipients before sharing.

Agentic AI Framework for Life Sciences R&D on Google Cloud

🔬 Google Cloud outlines an agentic AI framework to accelerate life sciences R&D by orchestrating specialized, fine-tunable models into modular workflows. It describes four agents—MedGemma for deep literature and data synthesis, TxGemma for in-silico preclinical prediction, Gemini 2.5 Pro as the cognitive orchestrator, and AlphaFold-2 plus docking tools for molecular design. The architecture maps data flows, tooling, and cloud services (Vertex AI, HPC, search) to move from target discovery through iterative Design→Dock→Predict→Refine cycles toward lab-ready lead nomination while preserving version control and compliance.

Google: Leader in 2025 Gartner Magic Quadrant for CDBMS

📈 Google announces it was named a Leader in the 2025 Gartner Magic Quadrant for Cloud Database Management Systems for the sixth consecutive year and positioned furthest in vision. The post presents the company's AI-native Data Cloud—a unified stack integrating BigQuery, Spanner, AlloyDB, Looker, and Dataplex—to support agentic AI. Google highlights embedded specialized agents, developer tooling (Data Agents API, ADK, Gemini CLI) and Agent Analytics in BigQuery to accelerate AI-driven applications while asserting cost and governance benefits on a single, open platform.

Vertex AI Studio adds Gemini tools for faster builds

🚀 Vertex AI Studio now centers developer workflows around Gemini and introduces agents-as-tools to streamline prompt engineering and app creation. The Studio adds three core agent commands — /Prompt, /Evaluate, and /Build — to refine prompts, assess outputs with custom autoraters, and generate working code. Team features include cross-account prompt sharing, version history, and notes. Onboarding is simplified with one-click API keys, an /Ask helper, express mode, and loginless model trials.

BigQuery AI: Unified ML, Generative AI, and Agents

🤖 BigQuery AI consolidates BigQuery’s built-in ML, generative AI functions, vector search, and agent tools into a unified platform. It enables users to apply generative models and embeddings directly via SQL, perform semantic vector search, and run end-to-end ML workflows without moving data. Role-specific data agents and assistive features like a data canvas and code completion accelerate work for engineers, data scientists, and business users.

Building the Largest Known GKE Cluster: 130,000 Nodes

🚀 Google Cloud engineers demonstrated an experimental GKE cluster running 130,000 nodes to validate extreme scalability for AI/ML workloads. The test sustained control-plane throughput near 1,000 operations per second, supported over one million datastore objects, and achieved a baseline of 130,000 Pods launching in 3 minutes 40 seconds. The project combined API-server caching KEPs, a Spanner-backed key-value storage backend, and job-level orchestration via Kueue to enable predictable admission, rapid preemption, and efficient utilization at massive scale.

Gemini CLI Adds Looker Extensions for Terminal Data Access

🚀 The Gemini CLI now includes Looker and Looker Conversational Analytics extensions, enabling direct terminal access to Looker data and dashboards. These additions let users ask complex questions, generate reports, and create dashboards without leaving the command line. Installation requires the Gemini CLI (npm), the two extensions, and configuration of Looker API credentials and optional Google Cloud settings. The update aims to streamline workflows and make data exploration more accessible from everyday development environments.