< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 4 of 30

How Google SRE Uses Agentic AI to Improve Operations

🤖 Google SRE describes how agentic AI augments traditional Site Reliability Engineering across the software lifecycle, from design and deployment to incident response and postmortems. The team applies AI agents for anomaly detection, playbook maintenance, alert enrichment, and automated mitigation while enforcing strong controls for security, explainability, and business continuity. Their approach pairs Gemini-based models and internal platforms with existing observability and governance practices.
read more →

Nano Banana 2 and Nano Banana Pro reach general availability

🖼️ Google Cloud announced Nano Banana 2 (Gemini 3.1 Flash Image) and Nano Banana Pro (Gemini 3 Pro Image) are generally available via the Gemini Enterprise Agent Platform, offering enterprise-grade image generation and editing. Nano Banana 2 now supports video files as input in preview, enabling deep video understanding to generate context-aware images. 1K and 2K outputs are GA while 4K remains in preview. The models are integrated by partners like Adobe, WPP, Shopify, URBN, and Magnopus to scale creative workflows and production pipelines.
read more →

Frontier AI models more vulnerable under iterative attacks

🔍 Cisco researchers found that popular frontier LLMs from OpenAI, Anthropic, Google, xAI, and Amazon exhibit substantially higher risk when subjected to multi-turn adversarial attacks than when assessed with single-prompt safety benchmarks. The team ran tens of thousands of single-turn and multi-turn attacks across 15 models and multiple configurations, revealing wide gaps in attack success rates (ASRs) and configuration-dependent safety behavior. They urge improved benchmarks, transparency on configuration impacts, and publication of paired single- and multi-turn ASRs to better inform procurement and governance decisions.
read more →

AppSheet-phishing: attackers abusing Google-linked emails

📧 Recent phishing campaigns exploit Google’s AppSheet platform to send convincing emails from a legitimate noreply{@}appsheet.com address, making them likely to bypass filters. Attackers craft personalized messages — urgent warnings or enticing job offers — to trick victims into submitting identity details on clone sites, then harvest credentials and data. The compromises can lead to account takeover, device control, and secondary targeted attacks using the stolen information.
read more →

Researchers Disrupt Glassworm's Resilient Botnet C2

🛡️ CrowdStrike, Google, and The Shadowserver Foundation coordinated to disrupt the Glassworm botnet by simultaneously takedown of four resilient C2 channels. The threat abused Solana blockchain memo fields, the BitTorrent DHT, Google Calendar events, and traditional VPS-hosted servers to persist and evade mitigation. Active campaigns targeted developers via malicious OpenVSX and VS Code extensions and later poisoned GitHub and npm artifacts. Infected hosts now beacon to a CrowdStrike-controlled IP and YARA rules have been published to detect compromise.
read more →

Google launches AI Threat Defense for enterprises

🔒 Google announces AI Threat Defense, an integrated, automated security system that uses Gemini, Mandiant, Wiz, and CodeMender to detect, prioritize, and remediate AI-powered threats. The platform combines multi-model scanning, live exposure mapping, and AI agents to validate exploitability, generate fixes, and accelerate remediation. It emphasizes machine-speed monitoring, autonomous response, and consolidated visibility across development and runtime environments to reduce attack surface and speed patching.
read more →

Google’s Network Strategy for the AI Era

📡 Google details how its global network and new data center fabrics are being redesigned for AI workloads, describing a vertically integrated stack anchored by an AI Hypercomputer. The post highlights Virgo Network, campus-scale and WAN innovations, and AI-native Cloud Interconnect to meet extreme bandwidth, low latency, and burst tolerance requirements. It emphasizes co-design with accelerators, autonomous reliability features, and global footprint benefits for inference and cross-site training.
read more →

Chinese PhaaS Grow More Sophisticated, Live Theft

🛡️ Google researchers report a rapid rise in Chinese phishing-as-a-service (PhaaS) operations that have shifted from static password harvesting to real-time credential interception and tokenization. These services use encrypted messaging protocols like RCS and iMessage to deliver convincing lures and employ live admin panels to capture OTPs and bypass MFA. Platforms also monetize stolen payment details via digital wallet provisioning and increasingly leverage AI to generate unique phishing pages and evade detection.
read more →

Google integrates CodeMender into enterprise agent platform

🔒 Google is folding CodeMender into its broader Agent Platform strategy, expanding the AI-powered security agent from standalone vulnerability remediation toward an integrated, governed enterprise agent ecosystem. Launched in October 2025 to autonomously identify and patch vulnerabilities using Gemini models, CodeMender reportedly upstreamed dozens of fixes but lacks published performance metrics on accuracy and regressions. The integration emphasizes governance, observability, and identity, positioning CodeMender as a controlled participant in AI-native development and security pipelines rather than an unsupervised remediation tool.
read more →

Chromium leak exposes unfixed persistent JavaScript flaw

🛡️ Google inadvertently published details of an unfixed Chromium vulnerability that allows JavaScript to continue running after the browser is closed, enabling remote code execution via persistent Service Workers. Reported by researcher Lyra Rebane in December 2022, the issue affects all Chromium-based browsers and was marked fixed in February 2024 but a patch was not shipped. The bug tracker entry was briefly made public on May 20, revealing the exploit still works in Chrome Dev 150 and Edge 148, making attacks stealthier and increasing risk until an emergency fix is released.
read more →

Google Cloud I/O updates for startup founders

🚀 At Google I/O ‘26, Google Cloud announced expanded agentic capabilities, new frontier models, and developer tools to help startups move from prototype to production. Highlights include Gemini 3.5 Flash and Gemini Omni for multimodal content, Antigravity 2.0 as an agent control plane with CLI/SDK and dynamic subagents, and Managed Agents to run agent workloads securely in Google Cloud. The releases aim to accelerate development, reduce infrastructure overhead, and provide enterprise-grade security.
read more →

AI Studio expands database choices and Starter Tier

🛠️ At Google I/O 2026, Google announced expanded integration between AI Studio and Google Cloud, allowing new users to deploy up to two full-stack apps on the Starter Tier without a billing account. Developers can now choose between Firestore (non-relational) and Cloud SQL (relational) with Firebase Auth for unified authentication. The AI agent can infer or provision the appropriate database, provision resources, generate schema and code, and deploy apps directly to Cloud Run for rapid prototyping.
read more →

Google Cloud launches AppLifecycle Manager Feature Flags

🔔 AppLifecycle Manager Feature Flags (ALM FF) enters public preview as a rule-based service to decouple feature releases from code deployments. By using toggles and the Common Expression Language (CEL), teams can perform gradual rollouts, instant kill-switches, and percentage-based traffic ramps. String-type flags enable dynamic configuration for applications, including LLM prompts, while OpenFeature compatibility avoids vendor lock-in.
read more →

Practical Guidance for Securing Google API Keys

🔐 This post explains why API keys are sensitive credentials for accessing Google AI and Cloud services and why careless handling leads to misuse or billing abuse. It outlines simple, actionable steps: create keys in dedicated projects, apply API and application restrictions, and store keys in Secret Manager or equivalent. The article also covers detection and response—how to list keys, monitor usage metrics, delete compromised keys, and rotate keys to reduce risk.
read more →

Urban Outfitters Migrates Sterling OMS to AlloyDB Platform

🚀Urban Outfitters, Inc. (URBN) recently migrated its IBM Sterling OMS from an 11TB Oracle backend to Google Cloud’s AlloyDB for PostgreSQL to reduce TCO and improve scalability and performance. The migration was executed through close collaboration among URBN, IBM, and Google Cloud, with embedded engineering teams driving planning, testing, and tuning. Outcomes included optimized storage and compute, two read replicas for higher availability, significant performance improvements, and a shift toward open standards to future-proof operations.
read more →

Google AI Edge Portal Adds On‑Device LLM Benchmarking

🚀 Google AI Edge Portal now enables developers to benchmark and debug on-device LLMs across a physical lab of over 120 representative Android devices. It profiles initialization time, prefill and decode speeds, and peak memory usage across CPU, GPU, and NPU backends to surface real user-impacting metrics. The integrated Model Explorer visualizes model graphs, tensor shapes, and traces to speed root-cause analysis and collaboration.
read more →

GKE Agent Sandbox GA and Agent Substrate Launch on GKE

🚀 Google Cloud announced general availability of GKE Agent Sandbox and introduced the open-source Agent Substrate. Agent Sandbox is a cloud-native execution environment designed for AI agents, offering pod snapshots to suspend idle workloads, an integrated warm pool for sub-second provisioning, gVisor and pluggable kernel isolation, and standby suspended VMs to reduce warm-pool cost. Agent Substrate aims to provide a minimal control plane and scheduler optimizations to support ultra-dense, low-latency agent workloads at scale.
read more →

Google Agent Executor: Open Runtime for Distributed Agents

🔧 Google today introduced Agent Executor, an open-source runtime standard for durable, resumable, and distributed agent execution. It offers event logging and snapshotting to enable durable execution, secure sandbox isolation to limit harm, and a single-writer architecture to maintain session consistency. Agent Executor also supports connection recovery so clients can reconnect to long-running workflows. The project is available in preview and pairs with Agent Substrate to improve Kubernetes-scale agent scheduling.
read more →

Google I/O: Tools for Building and Deploying Agents

🔧 At Google I/O, Google Cloud introduced a unified developer toolkit that brings Antigravity 2.0, the Gemini Enterprise Agent Platform, the Managed Agents API, and ADK 2.0 into a shared protocol layer to accelerate local development and secure cloud deployment. The post outlines a four-rung ladder from low-code Agent Studio to code-first ADK, all underpinned by the interoperable A2A protocol. New Antigravity desktop and CLI tools provide a consistent harness for coding agents, while Managed Agents offer agent-as-a-service with sandboxed execution. The platform emphasizes governance, skill reuse, evaluation tooling, and secure pipelines for production.
read more →

Google I/O '26: Gemini, Antigravity, and Workspace AI

🤖 Today at Google I/O, Google Cloud announced a broad set of AI advances delivered through Gemini Enterprise and Google Workspace, including Gemini 3.5 Flash, Gemini Omni, Antigravity, and Gemini Spark. These offerings include new models, an Agent Platform with a Managed Agents API, and CodeMender for automated code security. The updates emphasize agentic workflows, multimodal content creation, enterprise-grade security, and faster, cost-efficient model performance.
read more →