All news with #news tag

🔒 Google announced Agent Gateway, part of the Gemini Enterprise Agent Platform, to provide a programmable, secure connectivity plane for user-to-agent, agent-to-agent, and agent-to-tools interactions. The Gateway enables teams to inject custom logic and third-party security controls directly into the request path without changing application code. Google highlighted integrations with vendors such as Broadcom (Symantec DLP), Check Point, Cisco, CrowdStrike, Palo Alto Networks, and others to deliver runtime DLP, prompt-injection mitigation, identity governance, and behavioral analytics.

🤖 At Google Cloud Next '26, Google introduced the Gemini Enterprise Agent Platform to help teams build, deploy, scale, govern, and optimize autonomous AI agents in production. The series highlights long-running state management in Agent Runtime, a layered Agent Governance Stack, orchestration patterns in the Agent Development Kit (ADK), integration standards, and prebuilt blueprints in Agent Garden.

🔔 Oracle will issue monthly Critical Security Patch Updates (CSPUs) for its ERP, database and other software, shifting from a quarterly cadence to address faster AI-driven vulnerability discovery. The first monthly CSPU will arrive May 28, then releases will follow on the third Tuesday of each month (June 16, July 21, August 18). Oracle will still publish a cumulative quarterly Critical Patch Update and will auto-apply fixes for customers in Oracle-managed cloud environments. The change primarily affects customers running Oracle software on premises or in third-party hosting.

📝 BleepingComputer initially published a story reporting a new data breach at Instructure. Shortly after publication, the newsroom determined the information was incorrect and primarily based on outdated details from a prior incident. The article has been retracted and a retraction notice appended to the record; we regret the error. We are reviewing editorial processes to strengthen verification and prevent similar mistakes.

🔒 ESET Chief Security Evangelist Tony Anscombe reviews April’s top cybersecurity developments, including rising Microsoft Teams helpdesk impersonation scams, an Iranian-linked campaign targeting Rockwell programmable logic controllers exposed on U.S. critical infrastructure networks, and the FBI IC3’s finding that U.S. victims lost nearly $21 billion to cyber-enabled crime last year. Tony offers practical mitigation advice — from stricter verification and access controls for remote support to network segmentation, patching, and monitoring for industrial control systems — and invites viewers to watch the video for deeper context and comparisons to prior years.

⚠️ Microsoft is investigating a known issue that prevents some Teams Free users from chatting and calling others. A recently deployed backend change is skipping onboarding and privacy consent screens for affected users, leaving profiles incomplete and causing them to appear as 'Unknown users' to others. Microsoft has flagged the incident as an service degradation, says first reports emerged on April 8, and plans another status update later today.

🚀 Amazon RDS for Db2 is now available in the AWS GovCloud (US‑East, US‑West) Regions, enabling government and regulated customers to deploy Db2 databases in the cloud quickly. The managed service automates configuration for performance and supports Multi‑AZ synchronous replication for high availability. Customers may use Bring Your Own License (BYOL) in Standard and Advanced editions and could be eligible for the Database Savings Plan; consult the documentation and pricing for details.

🐍 Amazon EMR 7.13 is now generally available and ships with Python 3.11 as the default runtime for Apache Spark. The release also includes patch upgrades for Apache HBase (2.6.3), Apache Hadoop (3.4.2), Apache Phoenix (5.3.0) and the AWS SDK (v2.41.11). EMR 7.13 is available in all AWS regions; administrators should validate application compatibility and dependency packaging before rolling out clusters.

🎮 Amazon GameLift Streams now supports Proton 10, an updated Proton compatibility layer for running Windows games on Linux-based stream classes. Proton 10 expands support to newer titles including modern DirectX 12 games and updates graphics translation layers (VKD3D/DXVK) for improved rendering and performance. The release also addresses Media Foundation video playback issues such as black screens and color bars and is available at no additional cost.

🌐 This report reviews major Internet disruptions in Q1 2026, including prolonged government-directed shutdowns in Uganda and Iran, repeated national grid failures in Cuba, and physical damage to AWS facilities in the Middle East. It summarizes outages caused by power failures, severe weather, cable damage, technical faults, and military action, and highlights their scale and duration. The analysis is based on Cloudflare Radar observations and routing data and emphasizes systemic risks to connectivity.

🔒 The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos, while other government bodies do. Anthropic has restricted preview access through Project Glasswing to a select set of agencies, industry groups, and software providers over concerns the model could be misused to find and exploit vulnerabilities. Bloomberg reports members of a private Discord channel obtained unauthorized access and have been using Mythos for non-cybersecurity purposes, supplying screenshots to support their claim.

📦 A Dutch journalist followed instructions on a government website to conceal a Bluetooth tracker inside a mailed postcard addressed to a naval ship, enabling observers to follow the vessel for roughly a day as it sailed from Heraklion, Crete, toward Cyprus. Navy personnel discovered the device during routine mail sorting within 24 hours of arrival and disabled it. As a result, Dutch authorities now ban electronic greeting cards from naval mail to close that screening gap.

⚠️ Sean Plankey has withdrawn his nomination to lead CISA after a 13-month delay marked by bipartisan holds, unverified allegations, and reported Senate maneuvering. Plankey was first nominated last March, renominated in January, and faced objections from Sen. Rick Scott and Sen. Ron Wyden while working on Coast Guard issues. Conflicting reports — including a contested claim he was escorted out of Coast Guard headquarters — and questions about past financial ties surfaced but remain unresolved. Observers warn the leadership vacuum, amid staff and budget cuts at the agency, poses tangible national security risks; Plankey says he supports the administration’s next nominee.

📊 AWS has launched the Attributed Revenue dashboard in AWS Partner Central, providing Partners a self-service view of monthly attributed revenue by product, AWS service, and billing period. The dashboard consolidates data from the three Partner Revenue Measurement methods — Resource Tagging, User Agent string, and AWS Marketplace Metering — so Partners can monitor consumption patterns and revenue trends. Partners with multiple AWS Marketplace seller accounts can connect subsidiary accounts to see aggregated revenue across all connected accounts, and the dashboard is available in all commercial regions for Partners migrated to AWS Partner Central.

🔒 The UK National Cyber Security Centre (NCSC) has launched SilentGlass, a plug-and-play hardware device that actively blocks unexpected or malicious signals between HDMI and DisplayPort connections and monitor screens. Unveiled at CYBERUK on April 22 and already deployed on government estates, SilentGlass is approved for high-threat environments and is now available for public purchase. The NCSC partnered with Goldilock Labs and Sony UK to manufacture and commercialize the device globally.

🎉 Google Cloud today announced its 2026 Partner of the Year winners, honoring partners who used Google Cloud technologies to deliver transformative customer outcomes. Winners span global and country-level awards across categories such as Artificial Intelligence, Data, Security, Infrastructure Modernization, Google Workspace, and more. The awards recognize innovation, collaboration, and measurable impact in industries worldwide. Congratulations to the partners driving progress and customer success.

🔍 Grupo Seguritech, a Mexican surveillance company, is moving to expand its operations into the United States after years of supplying cameras, analytics, and integrated security systems domestically. The expansion highlights concerns about the cross-border adoption of pervasive monitoring technology and the governance challenges that follow. Observers point to the firm’s existing government contracts and experience integrating hardware and software as factors likely to shape local procurement and civic surveillance capabilities.

🔒 ESET researchers uncovered a NGate Android campaign that trojanized the HandyPay NFC relay app to steal contactless card data and capture PINs for fraudulent ATM withdrawals. The poisoned app, spread via fake Rio de Prêmios sites and a deceptive Play Store listing, asks to be set as the default payment app and prompts users to enter their card PIN before tapping their card. Artifacts including emoji-laden debug messages suggest parts of the injected code may have been generated or modified with a large language model.

🔒 ESET researchers discovered a new NGate malware variant that trojanized the legitimate HandyPay Android NFC-relay app, with injected code displaying artifacts consistent with GenAI-assisted development. The patched app silently forwards NFC payment card data and captures payment card PINs, exfiltrating them to attacker-controlled C&C infrastructure to enable contactless ATM cash-outs and unauthorized payments. Distribution targeted Android users in Brazil since November 2025 via a fake Rio de Prêmios lottery site and a counterfeit Google Play page; both samples were served from the same domain, indicating a single operator. ESET notified Google and the HandyPay developer; known samples are detected by Google Play Protect and ESET.

⚡Microsoft is rolling out a set of File Explorer enhancements to Windows 11 Insiders that aim to improve launch speed and overall performance. While implementation details are limited, the company earlier tested optional background preloading to accelerate startup times and offers a toggle to disable that behavior. The update also improves reliability around stopping explorer.exe after closing windows and expands fixes for bright white flashes in dark mode. A new full-screen Xbox mode is available as well; changes are arriving for Release Preview Insiders on Builds 26100.8313 and 26200.8313 (KB5083631).