All news with #google tag

Notable Post-Quantum Cryptography Initiatives 2023

🔐 The article surveys major post‑quantum cryptography (PQC) initiatives from 2023–2025 that aim to prepare governments and industry for an eventual Q‑Day. It highlights NIST's standardization of ML‑KEM, ML‑DSA and SLH‑DSA (with HQC later selected) and vendor adoption by Google, AWS, Microsoft and others, including Chrome's default hybrid key exchange. Collaborative efforts such as the Linux Foundation's PQCA, the PQC Coalition and IETF's PQUIP are creating tooling, guidance and implementations, while agencies and standards bodies provide migration roadmaps and practical advice on crypto agility and hybrid strategies to mitigate "harvest now, decrypt later" risks.

A4X Max, GKE Networking, and Vertex AI Training Now Shipping

🚀 Google Cloud is expanding its NVIDIA collaboration with the new A4X Max instances powered by NVIDIA GB300 NVL72, delivering 72 GPUs with high‑bandwidth NVLink and shared memory for demanding multimodal reasoning. GKE now supports DRANET for topology‑aware RDMA scheduling and integrates NVIDIA NeMo Guardrails into GKE Inference Gateway, while Vertex AI Model Garden will host NVIDIA Nemotron models. Vertex AI Training adds NeMo and NeMo‑RL recipes and a managed Slurm environment to accelerate large‑scale training and deployment.

Google Cloud launches managed DRANET for GKE with A4X Max

🚀 Google Cloud is previewing managed DRANET on GKE, enabling Kubernetes to treat high-performance RDMA network interfaces as schedulable resources. The integration aligns NICs and GPUs by NUMA topology to reduce latency and increase throughput, while abstracting away operational complexity. It launches with the new A4X Max instances to deliver topology-aware networking for large multi-GPU AI workloads. Developers can request specific network interfaces in pod specs and rely on GKE to co-schedule NICs and accelerators, improving utilization and simplifying operations.

Google for Startups: AI Cohort Boosts LATAM Cybersecurity

🔐 Google selected 11 startups for its inaugural Google for Startups Accelerator: AI for Cybersecurity in Latin America, a ten-week program that pairs founders with Google's technical resources, mentorship, and product support. The cohort — drawn from Brazil, Chile, Colombia, and Mexico — focuses on AI-driven solutions across threat detection, compliance automation, fraud prevention, and protections for AI agents. Participants will receive hands-on guidance to scale, validate, and deploy tools that reduce cyber risk across the region.

Chrome to Enable Always Use Secure Connections by Default

🔒 Google will enable Always Use Secure Connections by default in Chrome 154 (October 2026), prompting users before the first access to any public site that lacks HTTPS. The browser will attempt HTTPS for every connection and show a bypassable warning when HTTPS is unavailable, while suppressing repeated warnings for frequently visited sites. A public-sites-only variant excludes private/local names to reduce noise and will roll out earlier to Enhanced Safe Browsing users. Administrators can disable the setting and Google provides migration guidance.

Chrome to warn before opening insecure HTTP sites in 2026

🔒 Google will enable Always Use Secure Connections by default in Chrome 154 (October 2026), prompting users before the first access to any public site that uses HTTP. This change promotes the existing opt-in HTTPS-First Mode to a default setting to better protect users from man-in-the-middle attacks and content tampering. Chrome will avoid repeated alerts for frequently visited insecure sites and offers options to restrict warnings to public sites or to include private intranets. Before the full rollout, Chrome 147 (April 2026) will enable the setting for over 1 billion users with Enhanced Safe Browsing to help identify sites that need migration.

GitHub Agent HQ: Native AI Agents and Governance Launch

🤖 Agent HQ integrates AI agents directly into the GitHub workflow, making third-party coding assistants available through paid Copilot subscriptions. It introduces a cross-surface mission control to assign, steer, and track agents from GitHub, VS Code, mobile, and the CLI. VS Code additions include Plan Mode, AGENTS.md for custom agent rules, and an MCP Registry to discover partner servers. Enterprise features add governance, audit logging, branch CI controls, and a Copilot metrics dashboard.

GitHub Agent HQ: Native, Open Ecosystem & Controls

🚀 GitHub introduced Agent HQ, a native platform that centralizes AI agents within the GitHub workflow. The initiative will bring partner coding agents from OpenAI, Anthropic, Google, Cognition, and xAI into Copilot subscriptions and VS Code. A unified "mission control" offers a consistent command center across GitHub, VS Code, mobile, and the CLI. Enterprise-grade controls, code quality tooling, and a Copilot metrics dashboard provide governance and visibility for teams.

Enabling a Safe Agentic Web with reCAPTCHA Controls

🔐 Google Cloud outlines a pragmatic framework to secure the emerging agentic web while preserving smooth user experiences. The post details how reCAPTCHA and Google Cloud combine agent and user identity, continuous behavior analysis, and AI-resistant mitigations such as mobile-device attestations. It highlights enabling safe agentic commerce via protocols like AP2 and tighter integration with cloud AI services.

Chrome zero-day exploited in targeted Operation ForumTroll

🔒 A critical Chrome zero-day (CVE-2025-2783) has been actively exploited in a targeted espionage operation Kaspersky calls "Operation ForumTroll," attributed to the threat actor Mem3nt0 mori. Attackers used highly personalized phishing invites and one-click, short-lived links to deliver a sandbox-escape exploit that enabled code execution in Chrome's browser process. Google moved quickly with fixes in Chrome 134.0.6998.177/.178, while related issues were later patched in Firefox as CVE-2025-2857.

Integrating Oracle with Google Cloud for AI Automation

🔁 This Google Cloud post explains how enterprises can integrate Oracle Database with cloud-native analytics and AI by moving transactional data into BigQuery. It recommends ingestion patterns such as low-latency Change Data Capture via Datastream, batch staging to Cloud Storage, and notes ODBC/JDBC for interactive queries but not continuous replication. Once data resides in BigQuery, organizations can leverage Gemini-powered features, BigQuery ML, and AI agents (via the Agent Developer Kit) for natural-language exploration, assisted coding, multimodal analysis, and automated workflows across retail and education use cases.

Agent Factory Recap: AI Agents for Data Engineering

🔍 The episode of The Agent Factory reviewed practical AI agents for data engineering and data science, highlighting demos that combine Gemini, BigQuery, Colab Enterprise, and Spanner-based graph queries. It showcased a BigQuery Data Engineering Agent that generates pipelines, time dimensions, and data-quality assertions from SQL, and a Data Science Agent that runs end-to-end anomaly detection in Colab. The post also covered CodeMender for autonomous code security fixes and a creative Spanner+ADK comic demo illustrating multi-region concepts.

Privileged Account Monitoring and Protection Guide Overview

🔐 This article outlines Mandiant's practical framework for securing privileged access across modern enterprise and cloud environments. It emphasizes a three-pillar approach—Prevention, Detection, and Response—and details controls such as PAM, PAWs, JIT/JEA, MFA, secrets rotation, and tiered access. The post highlights detection engineering, high-fidelity session capture, and SOAR automation to reduce dwell time and blast radius, and concludes with incident response guidance including enterprise password rotations and protected recovery paths.

Google Public Sector Expands Investments in Partners

🚀 At Partner Connect during the Google Public Sector Summit, Google announced expanded investments to deepen collaboration and accelerate AI adoption across the public sector partner ecosystem. Highlights include increased Rapid Innovation Team funding, doubled capacity for Partner Development Sprints, and boosted Deal Acceleration Funds to shorten sales cycles. Google also launched three new Public Sector Partner Expertise badges for Google Distributed Cloud, Infrastructure Modernization, and Gemini for Government, a standardized Services Subcontractor Program, and an expanded ISV ATO Accelerator offering up to $250,000 in GCP credits plus $500,000 in services reimbursements to speed FedRAMP/Impact Level readiness. Partner Demo Portal improvements, enhanced analytics, new labs, and bootcamps round out efforts to simplify co-selling and accelerate partner time-to-market.

Hardening Google Workspace: Practical Guidance for Teams

🔒 Small security teams can harden Google Workspace by enforcing MFA, restricting admin roles, and tightening sharing and OAuth app permissions. The article stresses stronger email defenses — advanced phishing controls, DMARC/DKIM/SPF — and proactive monitoring for account takeovers through alerts and behavioral signals. It argues native controls form a solid foundation but leave gaps, and recommends augmenting them with Material Security for unified visibility and automated remediation.

Chrome zero-day exploited to deliver LeetAgent spyware

⚠️ Kaspersky reports a patched Google Chrome zero-day (CVE-2025-2783) was exploited to deploy a newly documented spyware called LeetAgent linked to Italian firm Memento Labs. The operation used personalized, short‑lived phishing links to a Primakov Readings lure that triggered a sandbox escape in Chromium browsers and dropped a loader to launch the implant. Targets included media, universities, research centers, government and financial organizations in Russia and Belarus.

Google Refutes False Claims of Massive Gmail Breach

🔒 Google says reports of a massive Gmail data breach are false and that the coverage mischaracterizes a large compilation of exposed credentials. The 183 million-account figure reflects aggregated infostealer databases and credential dumps compiled over years, not a single Gmail compromise. Troy Hunt added the dataset to Have I Been Pwned, which found 91% of entries were previously seen; 16.4 million addresses were newly observed. Users should check their accounts, run antivirus scans, and change any compromised passwords.

Italian Spyware Vendor Linked to Chrome Zero-Day Attacks

🔎 Kaspersky links a Chrome zero-day used in Operation ForumTroll to spyware tied to Memento Labs, a company formed from assets of the former Hacking Team. The campaign, revealed in March, used targeted phishing invites to the Primakov Readings and exploited a sandbox escape (CVE-2025-2783) to deploy a persistent loader. That loader decrypted and executed LeetAgent, a modular spyware, and in some cases introduced the Dante implant. Chrome and Firefox received patches soon after the discovery.

Vertex AI Training Expands Large-Scale Training Capabilities

🚀 Vertex AI Training introduces managed features designed for large-scale model development, simplifying cluster provisioning, job orchestration, and resiliency across hundreds to thousands of accelerators. The offering integrates Cluster Director, Dynamic Workload Scheduler, optimized checkpointing, and curated training recipes, including NVIDIA NeMo support. These capabilities reduce operational overhead and accelerate transitions from pretraining to fine-tuning while improving cost and uptime efficiency.

Google Cloud Bigtable Adds Tiered Storage for Hot/Cold Data

🔔 Google Cloud previewed Bigtable tiered storage, which automatically moves less-frequently accessed data from high-performance SSD storage to an infrequent access tier while exposing the same Bigtable API. The fully managed feature integrates with Bigtable autoscaling so applications can read and write across hot and cold tiers via a single interface. Google says the infrequent access tier can be up to 85% less expensive than SSD and that a tiered-storage node offers substantially more usable capacity, making it suited for large time-series and telemetry datasets that require long-term retention for analytics or compliance.