All news with #google tag

GTIG: Threat Actors Shift to AI-Enabled Runtime Malware

🔍 Google Threat Intelligence Group (GTIG) reports an operational shift from adversaries using AI for productivity to embedding generative models inside malware to generate or alter code at runtime. GTIG details “just-in-time” LLM calls in families like PROMPTFLUX and PROMPTSTEAL, which query external models such as Gemini to obfuscate, regenerate, or produce one‑time functions during execution. Google says it disabled abusive assets, strengthened classifiers and model protections, and recommends monitoring LLM API usage, protecting credentials, and treating runtime model calls as potential live command channels.

Cloud CISO: Threat Actors' Growing Use of AI Tools

⚠️Google's Threat Intelligence team reports a shift from experimentation to operational use of AI by threat actors, including AI-enabled malware and prompt-based command generation. GTIG highlighted PROMPTSTEAL, linked to APT28 (FROZENLAKE), which queries a Hugging Face LLM to generate scripts for reconnaissance, document collection, and exfiltration, while adopting greater obfuscation and altered C2 methods. Google disabled related assets, strengthened model classifiers and safeguards with DeepMind, and urges defenders to update threat models, monitor anomalous scripting and C2, and incorporate threat intelligence into model- and classifier-level protections.

Securing the Open Android Ecosystem with Samsung Knox

🔒 Samsung Knox is a built-in security platform for Samsung Galaxy devices that combines hardware- and software-level protections to safeguard enterprise data and provide IT teams with centralized control. It layers defenses — including AI-powered malware detection, curated app controls, Message Guard for zero-click image scanning, and DEFEX exploit detection — while integrating with EMMs and offering granular update management via Knox E-FOTA. The platform emphasizes visibility, policy enforcement, and predictable lifecycle management to reduce risk and operational disruption.

Building Collaborative AI with ADK: A Developer’s Guide

🧭 This guide summarizes Multi-Agent System (MAS) fundamentals and explains how Google’s Agent Development Kit (ADK) helps developers assemble cooperating agents to solve complex tasks. It outlines three agent roles — LLM Agents for reasoning, Workflow Agents for orchestration, and Custom Agents for bespoke logic — and describes hierarchical organization and orchestration patterns (sequential, parallel, loop). The post also reviews communication options (shared state, LLM delegation, explicit invocation) and points developers to samples and codelabs for rapid prototyping.

Kubernetes introduces control-plane minor-version rollback

🔁 Google and the Kubernetes community introduced control-plane minor-version rollback in Kubernetes 1.33, giving operators a safe, observable path to revert control-plane upgrades. The new KEP-4330 emulated-version model separates binary upgrades from API and storage transitions into a two-step process, enabling validation before committing changes. This capability is available in open-source Kubernetes and will be generally available in GKE 1.33 soon, reducing upgrade risk and shortening recovery time from unexpected regressions.

October 2025 Google AI: Research, Products, and Security

📰 In October, Google highlighted AI advances across research, consumer devices and enterprise tools, from rolling out Gemini for Home and vibe coding in AI Studio to launching Gemini Enterprise for workplace AI. The month included security initiatives for Cybersecurity Awareness Month—anti‑scam protections, CodeMender and the Secure AI Framework 2.0—and developer releases like the Gemini 2.5 Computer Use model. Research milestones included a verifiable quantum advantage result and an oncology-focused model, Cell2Sentence-Scale, aimed at accelerating cancer therapy discovery.

Google AI 'Big Sleep' Finds Five WebKit Flaws in Safari

🔒 Google’s AI agent Big Sleep reported five vulnerabilities in Apple’s WebKit used by Safari, including a buffer overflow, two memory-corruption issues, an unspecified crash flaw, and a use-after-free (CVE-2025-43429 through CVE-2025-43434). Apple issued patches across iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, visionOS 26.1 and Safari 26.1. Users are advised to install the updates promptly to mitigate crash and memory-corruption risks.

Google Cloud Cost Anomaly Detection Now Generally Available

🔔 Google Cloud has made Cost Anomaly Detection generally available to provide an automatic safety net for unexpected cloud spend. Alerts are enabled by default for all projects and delivered to Billing Administrators, with preferences managed in the billing console and direct links to an Anomaly dashboard that shows suspected root causes. The GA release introduces AI-generated thresholds that learn from historical spending, a percentage-deviation filter to keep alerts relevant across project sizes, and cold-start handling so new accounts receive protection immediately. The feature is free and integrates with Cloud Budgets as part of Google Cloud’s FinOps capabilities.

Mercado Libre's Spanner-Based Platform for Scale and AI

🚀 Mercado Libre leverages Spanner as the core of a developer-facing platform, exposing consistent, globally-scalable transactions through its internal gateway, Fury. Fury abstracts distributed database complexity and serves both relational and key-value workloads. Integration with BigQuery via Data Boost and Change Streams enables near-real-time analytics and reverse ETL to operational systems.

Google Confirms AI Search Will Include Ads, Evolving Format

📣Google says its ad business will remain central as it integrates advertising into AI-powered search experiences. Google currently offers AI Overviews and a more capable AI Mode, and has begun limited experiments placing ads within those results. Executives say ads won't disappear but may appear differently and become more personalized based on user data. Tests and further plans are expected to continue into next year.

Choosing Google Cloud Managed Lustre for External KV Cache

🚀 This post explains how an external KV Cache backed by Google Cloud Managed Lustre can accelerate transformer inference and lower costs by offloading expensive prefill compute to I/O. In experiments with a 50K token context and ~75% cache-hit, Managed Lustre increased inference throughput by 75% and cut mean time-to-first-token by 44%. The analysis projects a 35% TCO reduction and up to ~43% fewer GPUs for the same workload, and the article summarizes practical steps: provision Managed Lustre in the same zone, deploy an inference server that supports external caching (for example vLLM), enable o_direct, and tune I/O parallelism.

Conversational AI Agents: Designing for Retail UX, Commerce

🛍️ Google Cloud outlines UX and implementation guidance for building conversational AI agents tailored to online shopping. The article presents seven practical design principles — including multimodal input, intelligent query handling, rich visual presentation, and clear trust signals — that improve discovery and reduce friction. It highlights features like predictive assistance and contextual clarification and offers a Figma component library plus developer resources to accelerate deployment.

GKE and Gemini CLI Integration Enhances Developer Workflows

🚀 Google has open-sourced the GKE Gemini CLI extension, bringing Google Kubernetes Engine directly into the Gemini CLI ecosystem while also functioning as an MCP server for other MCP clients. The extension injects GKE-specific context, tools, and tailored prompts so developers can use shorter, more natural language interactions and integrated slash commands to complete complex workflows. It simplifies common operations—like selecting models and accelerators or generating Kubernetes manifests for inference—while improving compatibility with Cloud Observability. The project is actively maintained with regular releases and community contributions.

Log Analytics Query Builder Makes Log SQL Easier for Teams

🔍 The Log Analytics query builder in Google Cloud Console provides a UI-driven way to build and preview SQL-based log queries without hand-coding. It helps DevOps engineers, SREs, and application developers search across fields, infer JSON schemas, select nested values, and apply aggregations via an intuitive interface. Real-time SQL preview and one-click visualizations let users switch to the editor to fine-tune queries and save dashboards.

Google says Search AI Mode will access personal data

🔎 Google says a forthcoming AI Mode for Search could, with users' opt-in consent, access content from Gmail, Drive, Calendar and Maps to provide customized results and actions. The company is testing early experiments in Labs for personalized shopping and local recommendations, and suggests features like flight summaries, scheduling, or trip planning could leverage that data. Timing remains TBD.

How Android Uses AI to Protect Users from Scams Globally

🔒 Android applies layered Google AI to anticipate and block mobile scams before they reach users. Built-in protections—such as Google Messages spam filtering and on-device Scam Detection, plus Phone by Google automatic call blocking and Call Screen—identify conversational scam patterns and surface real-time warnings. Android blocks over 10 billion suspected malicious calls and messages monthly and recently stopped more than 100 million suspicious numbers from using RCS. Protections are ephemeral, on-device where possible, and continuously updated to adapt to evolving threats.

Google's Android AI Blocks Billions of Scam Messages

📱 Google says built-in scam defenses on Android prevent more than 10 billion suspected malicious calls and messages every month and have blocked over 100 million suspicious numbers from using RCS. The company uses on-device artificial intelligence to filter likely spam into the "spam & blocked" folder in Google Messages and recently rolled out safer link warnings for flagged messages. Analysis of user reports in August 2025 identified employment fraud as the most common scam type, while scammers increasingly employ group-message tactics and time-of-day scheduling to increase success rates.

Chromium Blink flaw crashes Chrome, Edge; exploit published

⚠ A researcher, Jose Pino, published a proof-of-concept on October 29 demonstrating a Blink rendering-engine flaw that can crash Chrome, Microsoft Edge and several other Chromium-based browsers within seconds by flooding document.title updates. Pino says he reported the issue to Google on August 28 and, after no response, released the PoC to force public attention. The exploit saturates the main thread with millions of DOM mutations per second, producing rapid CPU spikes, tab freezes and eventual process termination, and it raises particular concern for headless and automated enterprise workflows.

Master Multitasking with the Jules Extension for Gemini CLI

🤖 The new Jules extension for Gemini CLI lets developers delegate routine engineering tasks—like bug fixes, dependency updates, and vulnerability patches—to an autonomous background agent. Jules runs asynchronously and can work on multiple GitHub issues in parallel, preparing fixes in isolated environments for review. It also composes with other extensions to automate security remediation, crash investigation, and unit test creation, returning ready-to-review branches so you can stay focused on higher-value work.

Email and Remote Access Drive 90% of Cyber Claims in 2024

📧 At-Bay's 2025 InsurSec analysis finds email and remote access were central to 90% of cyber insurance claims in 2024. Email accounted for 43% of incidents and fraud schemes commonly begin with credential theft, domain spoofing, and impersonation. Google Workspace was cited as the most secure mail provider, though claims rose; MDR services were highlighted as the most reliable defense against full encryption.