< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 6 of 30

Five Google Tools to Strengthen Account Sign‑In Security

🔐 Google outlines five practical tools to make Google Account sign‑ins simpler and more secure on World Password Day 2026. Highlights include Passkeys (device-based sign-in using fingerprint, face, or PIN), recommended pairing with 2-Step Verification, and the ability to add up to 10 Recovery Contacts for account recovery. The post also promotes Sign in with Google to reduce password proliferation and Google Password Manager to create, save, sync, and autofill strong passwords and passkeys.
read more →

US Agency to Safety-Test Frontier AI Models Pre-Release

🔒 The Center for AI Standards and Innovation (CAISI), part of the Department of Commerce’s NIST, has secured agreements with Google DeepMind, Microsoft, and xAI to conduct pre-deployment evaluations and targeted research on frontier AI models. These accords expand an existing program that already includes Anthropic and OpenAI and are intended to provide vendors with safety feedback before public release. Microsoft described the partnerships as essential to building trust in advanced systems, while CAISI emphasized continuous evaluation to advance AI security and standards.
read more →

6x Faster Model Migration from TensorFlow to JAX at Scale

⚡ Google reports a 6x speedup migrating production models from TensorFlow to JAX using a specialized multi-agent AI system. The architecture pairs deterministic static analysis with three coordinated agents—Planner, Orchestrator, and Coder—plus hierarchical Playbooks to manage large, multi-file repositories. The pipeline enforces mathematical equivalence via algorithmic checks and applies blind LLM audits, reducing months of manual migration work to weeks of AI-assisted code generation followed by expert review.
read more →

Google Named a Leader in 2026 Gartner Cyberthreat IQ MQ

🔒 Google has been named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies. The company highlights a unified ecosystem combining Mandiant, VirusTotal, Google infrastructure visibility and Gemini-powered agentic intelligence to detect and preempt threats. Google reports high signal accuracy, turnkey integrations with Security Operations, and combined human expertise to reduce false positives and accelerate response.
read more →

Google Expands Binary Transparency for Android Apps

🔐 Google has expanded Binary Transparency for Android to publish a cryptographic, append-only ledger that records production Google app binaries and Mainline modules. Beginning May 1, 2026, supported production apps will have public ledger entries to attest authenticity. Google is also providing verification tooling so users and researchers can confirm software integrity and detect unauthorized or "one-off" builds.
read more →

Cloud Engineers AI Toolkit: Hands-on Developer Workshops

🤖 Join hands-on developer workshops across North America that teach secure, scalable deployment of agentic AI for enterprises. These sessions are practical, bring-your-laptop labs where Platform, Security, and Data practitioners build end-to-end solutions, including GKE cluster hardening, secure sandboxing, and governed data pipelines. Tracks cover GKE + Data and Data Engineering & Analytics, with guidance from Google experts. Attendees leave with runnable labs and operational best practices to accelerate production adoption.
read more →

Agent Factory Recap: Gemma 4 Brings Agentic AI to Devices

🤖 Gemma 4, released by Google DeepMind, is a new family of open models optimized for local and mobile deployment. The family emphasizes intelligence per parameter, offering ultra-mobile E2B/E4B sizes, a 31B dense model for local GPUs, and a 26B Mixture-of-Experts variant. The shift to an Apache 2 license plus tools like the Agent Development Kit enables offline agentic workflows and commercial use by developers and startups.
read more →

Google boosts top Android exploit rewards to $1.5M

🔐Google updated its Android and Chrome vulnerability rewards, increasing top-tier payouts for the most difficult exploits while lowering awards for issues AI has made easier to find. The highest Android prize is $1.5 million for zero-click, full-chain persistent exploits against a Pixel Titan M2 security chip, with $750,000 for non-persistent variants. For Chrome, full-chain browser process exploits pay up to $250,000 plus a $250,128 bonus for exploiting MiraclePtr-protected allocations; Google also narrows Android scope to Linux kernel bugs in Google-maintained components unless concrete device exploitability is shown.
read more →

Firestore expands agentic AI, full-text search, MongoDB

🚀 At Google Cloud Next '26, Firestore introduced expanded agentic AI integrations, built-in full-text search, and deeper MongoDB compatibility aimed at accelerating agent-driven applications. The Enterprise edition’s reimagined query engine adds hundreds of expressive query features, JOINs via subqueries, and pipeline operations. Native connections to AI Studio and third-party coding agents plus preview tools like natural language console querying and Usage Insights simplify building agentic workflows. These capabilities are available now in Firestore Enterprise in both Native and MongoDB compatibility modes.
read more →

Chrome Enterprise Adds Healthcare Integrations and Security

🔒 Chrome Enterprise Premium extends the familiar Chrome browser with enterprise-grade security, management, and healthcare-focused integrations to help clinicians access EHRs and web apps securely. It highlights advanced DLP, real-time URL scanning, phishing and malware protections, and controls to block copy/paste, printing, or screen capture of sensitive records. Google announced partnerships with Epic, Imprivata, AuthX, and Citrix to optimize EHR performance, enable passwordless authentication, streamline identity, and unify virtualized workflows. Eligible organizations are offered an extended 6-month trial, no-charge seats for the trial, $5,000 in services funding upon conversion, and high-touch onboarding.
read more →

30,000 Facebook Accounts Hacked via AppSheet Phishing Relay

🔐 A Vietnamese-linked operation used a Google AppSheet address as a phishing relay to distribute credential-harvesting pages and compromise roughly 30,000 Facebook accounts. Guardio, calling the scheme AccountDumpling, says stolen accounts are resold via an illicit storefront after exfiltration to Telegram channels. Lures hosted on Netlify, Vercel and Google Drive, plus Canva-generated PDFs, were used to harvest passwords, 2FA codes, IDs and business data, leaving many victims locked out.
read more →

Critical RCE Vulnerability Discovered in Google Gemini CLI

🔒 Researchers disclosed a max-severity remote code execution (RCE) vulnerability in @google/gemini-cli and the associated GitHub Action that could load untrusted workspace configurations in headless CI environments. Google issued patches in 0.39.1, 0.40.0-preview.3 and updated the run-gemini-cli Action to 0.1.22, removing implicit workspace trust and enforcing tool allowlists. Teams that pin CLI versions are advised to upgrade and review workspace configurations immediately.
read more →

Google and Cursor Fix Critical RCE Flaws in Dev Tools

🔒 Google patched a maximum-severity remote code execution vulnerability in @google/gemini-cli and the google-github-actions/run-gemini-cli workflow that could allow attackers to run arbitrary commands on host systems. Novee Security reported the flaw, which carries a CVSS score of 10.0, and Google says the impact is limited to headless CI usage where workspace folders were auto-trusted. Affected versions include @google/gemini-cli prior to 0.39.1 (and preview releases) and run-gemini-cli prior to 0.1.22; users should update to the patched releases, explicitly set GEMINI_TRUST_WORKSPACE when inputs are trusted, or follow Google’s hardening guidance for untrusted inputs. Google also tightened allowlisting checks for --yolo mode to prevent auto-approved tool calls from bypassing restrictions.
read more →

AWS SageMaker JumpStart Adds Google DeepMind Gemma 4

🤖 AWS has added Google DeepMind's instruction‑tuned Gemma 4 E4B, Gemma 4 26B‑A4B, and Gemma 4 31B to SageMaker JumpStart, making multimodal foundation models directly accessible to AWS customers. The models offer configurable step‑by‑step reasoning, interleaved text and image inputs, video and image understanding, native function calling, and multilingual support across 140+ languages. Gemma 4 E4B also supports audio input for ASR and speech‑to‑translated‑text workflows. Customers can deploy these models via SageMaker Studio or the SageMaker Python SDK for rapid experimentation and production.
read more →

Google Cloud Next '26: Agent, Data, Compute for Startups

🚀 Google Cloud Next ’26 introduced an integrated AI stack for startups centered on Gemini Enterprise, an end‑to‑end agent lifecycle platform with an Agent Development Kit, Agent Studio, and production runtimes that support sub‑second starts and persistent memory. The Agentic Data Cloud and zero‑ETL features enable cross‑cloud data access and high‑accuracy text‑to‑SQL to avoid costly migrations. Infrastructure updates (TPU 8t/8i, Axion N4A, new networking machines, and GKE sandboxes) plus agentic security integrations and a $750M partner fund aim to accelerate prototyping, secure production deployments, and enterprise go‑to‑market.
read more →

UKG Builds People Fabric with AlloyDB and Agentic Cloud

🤖 UKG built People Fabric to unify its legacy HCM and WFM systems into a single, real-time data and intelligence platform powered by AlloyDB for PostgreSQL and Google's Agentic Data Cloud. The platform establishes a canonical data model, ingests change streams via a custom CDC pipeline and Dataflow, and serves operational queries from AlloyDB while routing analytics workloads to BigQuery and tenancy metadata to Cloud SQL. The outcome is millisecond read-after-write behavior, native vector support for AI agents, and faster developer velocity across 126 application teams and thousands of database instances.
read more →

Public Sector Embraces Agentic AI: Highlights from Next '26

🤖 At Google Cloud Next, public sector leaders showcased how they are using AI agents to boost productivity and mission impact across government and research organizations. Google introduced the Gemini Enterprise Agent Platform—an evolution of Vertex AI—plus the Gemini Enterprise App with Gemini 3.1 Pro and an Agent Designer for inspectable, schedule‑based workflows. The announcement also covered AI infrastructure (TPU 8 series), an Agentic Data Cloud, enhanced security and Agentic Defense, partner initiatives, and upskilling through the GEAR program.
read more →

Google Cloud Next '26: Agentic Era and 260 Announcements

🤖 Google Cloud Next '26 in Las Vegas showcased a broad enterprise push into the agentic era, with over 32,000 attendees and 260 product, partner, and customer announcements. Highlights include the new Gemini Enterprise Agent Platform, the Gemini Enterprise app, 8th-generation TPUs, and a host of agent-focused capabilities for development, runtime, memory, observability, and governance. The week emphasized production readiness, cross-cloud data integration, and strengthened security through the Wiz acquisition and Model Armor integrations.
read more →

Indirect Prompt Injection: Current Web Threats and Trends

🔎 Google Threat Intelligence scanned a large Common Crawl corpus to detect indirect prompt injection (IPI) patterns embedded in public web pages. The team combined signature-based pattern matching, Gemini-assisted classification, and manual review to reduce false positives and contextualize findings. Most observed injections were low-sophistication—pranks, benign guidance, or SEO-driven prompts—but a smaller and rising set attempted data exfiltration or destructive actions. The study excludes social media and login-protected content and reports a 32% increase in malicious samples between Nov 2025 and Feb 2026.
read more →

Google favors Gemini general model over cyber-specific LLM

🔒 At Google Cloud Next 26, COO Francis DeSouza said Google will not release a separate cyber‑focused frontier model and instead relies on the generalist Gemini3.1 Pro for security use cases. He advised pairing a strong general model with the right tooling, governance and access controls and training it on organisation‑specific context. Google plans to combine Gemini with agent and platform capabilities to support automated detection, triage and response. Competitors such as Anthropic and OpenAI are pursuing specialised variants like Claude Mythos and GPT‑5.4‑Cyber.
read more →