< ciso brief />

All news with #mcp tag

70 articles

Google Cloud Data Agent Kit Unifies Agentic Data Tools

🔧 Data Agent Kit is an open-source toolkit from Google Cloud that brings data engineering and data science skills, plugins, and secure connectors directly into your IDE or CLI. It provides prebuilt agentic skills, Model Context Protocol (MCP) integrations to BigQuery, AlloyDB, and Cloud Storage, plus native extensions for VS Code, Gemini CLI, Claude Code, and Codex. By grounding agents in unified enterprise data, it reduces manual ETL and context-window costs and accelerates intent-driven pipelines; the kit is available in preview.

Building an Agentic Data Layer on Google Cloud: 5 Scenarios

🔒 This article outlines five architectural patterns for exposing enterprise data to autonomous systems on Google Cloud, using BigQuery examples and mocked CRM data as pedagogical blueprints. It contrasts deterministic, developer-authored SQL APIs with agentic approaches that use LLMs, platform-native reasoning like the Conversational Analytics API, and the vendor-neutral Model Context Protocol (MCP). It highlights trade-offs in trust, complexity, cost, latency, and maintenance.

Google Cloud’s Agentic Data Cloud: Streaming AI News

🚀 Google Cloud announced streaming AI enhancements to its Agentic Data Cloud at Next ’26, unifying Pub/Sub, Dataflow, BigQuery, Bigtable and Managed Service for Kafka to deliver real-time context and low-latency inference. These additions include Pub/Sub AI inference, BigQuery continuous queries for stateful stream processing, Pub/Sub→Bigtable subscriptions, and unified embedding sinks for immediate semantic search and agent memory. The platform also supports MCP and ADK integrations so agents can manage resources and run inside Dataflow pipelines, reducing context lag for use cases like fraud detection and autonomous supply chain actions.

AWS Extends Transform Tools to IDEs, Plugins, MCP Support

🛠️ AWS has made its AWS Transform agents available through an agent plugin, a Kiro Power in the Kiro marketplace, and the AWS Transform MCP server. Developers can now invoke transformation capabilities from their IDE, the web console, or programmatically, maintaining consistent job state across surfaces. IAM role authentication is supported, enabling use of existing AWS credentials for environments, workspaces, and jobs.

Including MCP in Continuous Threat Exposure Management

🔒 Model Context Protocol (MCP), the emerging plugin layer for agentic AI, has become a significant blind spot for security teams, introducing new shadow-AI risks much like shadow IT. CTEM programs can close this gap by extending scoping, discovery, prioritization, validation and mobilization to cover developer workstations, AI toolchains and MCP server configurations. Practical actions include actively enumerating MCP endpoints, scanning agent configuration and markdown context files for hardcoded API keys, and prioritizing exposures by attacker impact to produce actionable remediation tickets for engineering teams.

Re-permissioning to curb excessive AI agent autonomy

⚖️ Re-permissioning aligns AI agents' access with clear operational needs so they execute tasks safely rather than accumulate unnecessary powers that enable unauthorized actions. As agents evolve from responders into execution engines, interoperability standards like MCP and agent-to-agent flows expand reach but also multiply the places where things can go wrong. Organizations should enforce continuous permission audits, mandatory human-in-the-loop checks for sensitive operations and strict least-privilege context sharing, vet integrations, libraries and third parties, and run tabletop prompt-injection exercises to validate controls and prevent data exposure or integrity-impacting changes.

Google-managed MCP Servers Now Available Across Google Cloud

🔌 At Google Cloud Next ’26, Google announced that more than 50 Google-managed MCP servers are generally available or in preview, enabling AI agents to connect securely to Google and Google Cloud services without local MCP deployments. The managed endpoints integrate with major agent runtimes and frameworks including Gemini CLI, LangChain, ADK, and others, supporting Resources and Prompts as protocol primitives in addition to Tools. The offering emphasizes enterprise-grade security, governance, and observability through native IAM controls, Model Armor content safety, OpenTelemetry tracing, and Cloud Audit Logs.

Amazon Quick Desktop Preview for macOS and Windows

🖥️ Amazon Quick is now available as a native desktop preview for macOS and Windows, extending the assistant beyond the browser to leverage local files, OS-level notifications, and native desktop controls. The desktop app can read and work with files on the machine without uploading them, surface action-item, calendar, and message alerts, and automate both browser-based and desktop workflows. Memory, knowledge graph, and agents are shared with the web experience, and the preview supports local Model Context Protocol (MCP) connections for coding agents.

AWS for SAP MCP Server Now GA on Amazon Bedrock AgentCore

🔒 AWS has announced general availability of the AWS for SAP MCP Server on Amazon Bedrock AgentCore, enabling AI agents to connect directly and securely to SAP ERP systems at scale. Built on Model Context Protocol (MCP) and SAP OData standards, the server supports CRUD access to sales orders, purchase orders, materials, and finance documents. The managed AgentCore Runtime provides session isolation, private connectivity, and dual-layer authentication with CloudWatch telemetry and CloudFormation templates for rapid, no-infrastructure deployment.

Supply Chain Breach Compromises Checkmarx KICS Artifacts

🔐 Checkmarx's KICS Docker images and VS Code/Open VSX extensions were trojanized to harvest developer secrets. Dependency security firm Socket investigated after Docker alerted them to malicious images pushed to the official checkmarx/kics repository and found an embedded MCP addon that downloaded a credential-stealing module (mcpAddon.js). The malware targeted GitHub tokens, cloud credentials, npm tokens, SSH keys, Claude configs and environment variables, encrypting and exfiltrating them to audit.checkmarx.cx while creating public GitHub repositories to receive stolen data. Checkmarx removed the artifacts, rotated exposed credentials and advised developers to rotate secrets, pin image SHAs and rebuild from trusted sources.

Google Cloud Unveils Proactive Gemini Cloud Assist

🚀 Today at Google Cloud Next, Google announced a more proactive Gemini Cloud Assist, an agentic cloud operations platform that embeds Gemini intelligence and enterprise context into the operational layer. It automates design-to-deployment workflows via a redesigned Application Design Center, supports infrastructure automation with gcloud, kubectl, and Terraform, and runs proactive multi-turn agents for troubleshooting and FinOps cost anomaly detection. The service also publishes its capabilities as MCP servers so teams can access design, operation, troubleshooting and optimization features directly from IDEs, CLIs, and third-party toolchains.

Critical Architectural Flaw in MCP Threatens AI Supply Chain

⚠️ Researchers have identified a critical, systemic vulnerability in MCP, the open-source Model Context Protocol developed by Anthropic. An Ox Security report published on April 15 says an architectural decision in the official MCP SDKs causes the STDIO interface to execute arbitrary commands even when a local server process fails to start, enabling attackers to run malicious commands without sanitization. The flaw could expose API keys, chat histories, internal databases and other sensitive data across thousands of instances, and Ox Security reports that Anthropic has declined to change the protocol.

Mallory unveils AI-native threat intelligence platform

🔎 Mallory has launched an AI-native threat intelligence platform that converts global threat telemetry into prioritized, evidence-based cases tailored to an organization’s environment. The SaaS offering monitors thousands of sources, contextualizes findings against actual attack surfaces, and integrates with existing tools to automate hunt, detection, and exposure management workflows. It emphasizes actionable answers over alerts and supports Claude Code, MCP, APIs, and a modern UI for extensibility.

Multi-Agent Architecture and Long-Term Memory with ADK

🤖 Dev Signal is a multi-agent system designed to turn raw community signals into reliable technical guidance by automating the path from trend discovery to expert content creation. It relies on the Model Context Protocol (MCP) to standardize integrations with Reddit, Google Cloud Docs, and a custom Nano Banana Pro MCP server, all coordinated by a Root Orchestrator that manages three specialist agents. A dual-layer memory model uses Vertex AI for long-term embeddings while the Session Service preserves short-term state, with automated callbacks and tools (save_session_to_memory_callback, PreloadMemoryTool, LoadMemoryTool) to persist and fetch user preferences and stylistic signals.

AWS MCP Server (Preview) adds monitoring and semantic search

📈 The AWS MCP Server (Preview) now publishes operational metrics to Amazon CloudWatch and adds semantic similarity search for Agent SOP discovery. Metric publishing under the AWS-MCP namespace tracks invocation counts, success rates, client and server errors, and throttling for tools such as call_aws and retrieve_agent_sop, enabling alarms and visibility into agent-driven activity. The documentation search (search_documentation) now returns relevant Agent SOPs alongside AWS docs, helping AI assistants find the correct workflows.

Build a Multi-Agent Content System with Google ADK

🤖 This article introduces Dev Signal, a prototype multi-agent system built with Google ADK, the Model Context Protocol (MCP), and Cloud Run to automate discovery, grounding, and content creation. It outlines prerequisites, project structure, and an MCP-based toolset that integrates a Reddit discovery proxy, the managed Developer Knowledge MCP for documentation grounding, and a local Nano Banana Pro image generator. The piece explains secure secret handling, subprocess-based local tooling, and the ADK modular design to accelerate development.

Amazon OpenSearch Service Adds Support for OpenSearch 3.5

🚀 Amazon OpenSearch Service now supports OpenSearch 3.5, introducing agentic AI enhancements, improved search relevance tooling, and expanded observability capabilities. The update adds persistent agentic conversation memory to capture multi-turn context and tool reasoning, plus context management that automatically truncates and summarizes inputs to reduce LLM token costs. A redesigned no-code agent interface with MCP integration and expanded search relevance workbench—including LLM-powered evaluation and scheduled experiments—helps teams tune and validate agent-driven search experiences without code.

AWS Open-Source LZA MCP Server Enables AI-Assisted

🤖 The open-source Landing Zone Accelerator (LZA) Model Context Protocol (MCP) Server enables management of LZA deployments via natural-language conversations with AI assistants. The containerized MCP endpoint provides 20 specialized tools to search documentation across LZA versions, manage configurations, monitor pipelines, and surface actionable failure insights. It integrates with IDEs such as Kiro, Amazon Q Developer, and Claude Code, uses temporary credentials per AWS security best practices, and is available now in supported commercial and GovCloud regions.

Amazon Bedrock AgentCore Runtime Adds Stateful MCP Server

🔔 Amazon Web Services has added stateful Model Context Protocol (MCP) server capabilities to Amazon Bedrock AgentCore Runtime, enabling server-driven elicitation, sampling, and progress notifications alongside existing support for resources, prompts, and tools. Developers can now run each session in an isolated microVM and preserve session context across interactions using an Mcp-Session-Id header. These features support interactive, multi-turn workflows and real-time updates for long-running operations.

Google Announces MCP Toolbox Java SDK for Databases

🧰 The new Java SDK for the Model Context Protocol (MCP) Toolbox for Databases delivers type-safe, production-grade agent orchestration for Java and Spring Boot environments. It integrates with 42+ data sources, including AlloyDB, Cloud SQL, and Cloud Spanner, and simplifies secure, parameterized mappings from natural language intents to database operations. The SDK is designed for stateful, high-concurrency transactional agents and leverages Application Default Credentials for zero-config security.