All news with #rag security tag

⚠️ A max-severity flaw (CVE-2026-45829) in the Python FastAPI server of ChromaDB allows unauthenticated attackers to load and execute remote models before authentication is enforced, enabling arbitrary code execution on exposed servers. The issue impacts PyPI-distributed releases used widely in AI retrieval stacks; a 1.5.9 release exists but it is unclear if the fix addresses this vulnerability. Mitigations include using the Rust frontend, avoiding public exposure of the Python API, and restricting network access to the ChromaDB API port.

🔒 A hands-on April 2026 experiment shows how quickly attackers can target private AI servers: a Raspberry Pi honeypot posed as a high-performance stack (Ollama, LM Studio, AutoGPT, LangServe, text-gen-webui) and claimed a local Qwen3-Coder 30B instance plus RAG/MCP assets. Shodan discovered the server within three hours and, over a month, it logged 113,000+ requests from thousands of IPs with 23% probing AI capabilities. Observed tactics included fingerprinting endpoints like /v1/models and /.well-known/mcp.json and systematic hunts for exposed .env files, highlighting the importance of securing RAG, MCP and private AI deployments from day one.

🔒 Enterprise SaaS products increasingly adopt Retrieval-Augmented Generation (RAG) to give AI agents access to customer-specific knowledge, but that bridge also creates severe security liabilities. The article reviews recent high-profile failures — from the EchoLeak zero-click exfiltration to vector database reconstructions, indirect prompt injections in IDEs and large-scale knowledge-base poisoning — and breaks down the typical three-phase RAG architecture: ingestion & embedding, vector storage & retrieval, and LLM generation. It advocates a defense-in-depth posture combining pre-ingest DLP, retrieval-time RBAC/ABAC, prompt isolation and output filtering, and highlights Google Cloud services like Cloud DLP, Vertex AI vector search, Vertex AI model armor and Security Command Center to operationalize those controls.

🔍 Cloudflare introduced AI Search, a plug-and-play search primitive that provides a unified retrieval layer for agents, support bots, and coding assistants. It pairs hybrid semantic (vector) and BM25 keyword matching, managed storage, and built-in vector indexes so developers can create instances at runtime without provisioning separate infrastructure. The service integrates with Workers, the Agents SDK, and Wrangler, supports metadata boosts and cross-instance queries, and can optionally rerank results with a cross-encoder.

🔍 QueryData launches in preview, offering near-100% accuracy translating natural language into database queries across AlloyDB, Cloud SQL (MySQL and PostgreSQL) and Spanner. Built on Google Cloud’s Gemini LLM and augmented by rich database context, it uses schema ontologies, query blueprints and ambiguity detection to generate precise queries. Deterministic security is enforced via Parameterized Secure Views (PSVs), and integration is supported through a unified QueryData API, the MCP Toolbox for Databases, and context-engineering tools including an Evalbench framework.

🚀 Amazon expanded S3 Vectors into 17 additional AWS Regions — now available in 31 Regions worldwide. S3 Vectors is the first cloud object storage with native vector support, built for AI agents, inference, Retrieval-Augmented Generation (RAG), and semantic search at billion-vector scale. It supports up to two billion vectors per index, elastic scaling to 10,000 vector indexes per bucket, low-latency queries (frequent queries as fast as 100 ms; infrequent under one second), and native integration with Amazon Bedrock Knowledge Bases to help reduce RAG costs.

🔍Spanner positions itself as a unified, globally consistent database designed for agentic AI by combining relational, key-value, graph, vector and full-text search capabilities in one platform. The post argues this interoperable multi-model approach reduces data silos, removes brittle synchronization logic, and improves governance, availability, and development velocity. Google highlights features such as GQL graph support, a Cassandra native endpoint for lift-and-shift, and ScaNN-based ANN vector search. The customer example of MakeMyTrip illustrates significant operational simplification and faster AI feature delivery.

🤖RSA Conference 2026 reframes AI from a single track to the event itself, with roughly 40% of sessions AI-weighted and artificial intelligence woven across identity, cloud, threat intelligence and human-focused tracks. CISOs face a dual mandate: accelerate AI adoption to remain competitive while protecting the enterprise from new attack surfaces such as RAG pipelines, vector databases, prompt injection and model inversion. Key priorities at RSAC include securing the AI stack, defining AI governance and compliance (including preparation for the EU AI Act), managing non‑human identities, mitigating shadow AI and AI-assisted coding risks, and preparing SOCs for autonomous remediation.

🧭 This post launches Google Cloud's "Data Strategy = AI Strategy" series and reframes the database as the central context engine for production AI. It argues that by using fully PostgreSQL-compatible services such as AlloyDB and Cloud SQL, teams can eliminate latency and improve retrieval accuracy while reducing infrastructure friction. The article emphasizes three enterprise pillars — speed, scale, and security — and describes hands-on labs that cover batch embeddings, real-time inference with Gemini 3 Flash, and row-level security for zero-trust agents.

🔒 This Google Cloud blog outlines a reference architecture to deliver private-IP only connectivity for retrieval-augmented generation (RAG) applications that must not transit the public internet. It describes a multi-project topology—routing project, Shared VPC host, and service projects for Data Ingestion, Serving, and Frontend—and maps required services such as Cloud Interconnect/Cloud VPN, Network Connectivity Center, Private Service Connect, Cloud Router, Cloud Armor, and VPC Service Controls. The post also details RAG population and inference flows to show end-to-end private traffic paths and highlights management and routing orchestration for hybrid and VPC spokes.

🔗 Gemini CLI's Neo4j extension connects graph databases to Gemini's reasoning via the Model Context Protocol (MCP). The extension bundles four MCP servers to manage Neo4j Aura, translate natural language into Cypher, support interactive data modeling and visualization, and use Neo4j as long-term memory for agentic flows. Developers can provision databases, run Cypher queries, and persist knowledge from the terminal to accelerate GraphRAG workflows.

🔔 Amazon Neptune Analytics is now available in seven additional AWS Regions: Middle East (Bahrain), Middle East (UAE), Israel (Tel Aviv), Africa (Cape Town), Canada (Calgary), Asia Pacific (Malaysia), and Europe (Zurich). Neptune is a serverless graph database that automatically scales graph workloads, reduces operational overhead, and improves AI accuracy and explainability by modeling connected data. It also provides fully managed GraphRAG with Amazon Bedrock Knowledge Bases and integrates with the Strands AI Agents SDK and popular agentic memory tools to accelerate graph-powered AI development.

🛡️As AI copilots and assistants are embedded into daily work, recent incidents show the primary risk lies in surrounding workflows rather than in the models themselves. Malicious Chrome extensions that exfiltrated ChatGPT and DeepSeek chats and prompt injections that tricked an AI coding assistant into executing malware exploited integration contexts, not model internals. The piece advises mapping AI usage, applying least-privilege, enforcing middleware guardrails to scan outputs, and using dynamic SaaS platforms like Reco to detect and control risky workflows.

🔐 This article explains how sensitive data commonly leaks from AI systems — from RAG retrievals and agentic tool chains to user-initiated oversharing — and why LLMs cannot enforce document-level permissions. It recommends a layered, defense-in-depth approach: automatic identification and classification, data minimization at ingress, sanitization, redaction, and strict access controls that follow data through the pipeline. The authors also stress threat modeling and vendor due diligence to limit regulatory, competitive, and reputational harm.

🔒 Google has patched a zero-click vulnerability in Gemini Enterprise and Vertex AI Search that could have allowed attackers to exfiltrate corporate data via hidden instructions embedded in shared Workspace content. Discovered by Noma Security in June 2025 and dubbed "GeminiJack," the flaw exploited Retrieval-Augmented Generation (RAG) retrieval to execute indirect prompt injection without any user interaction. Google updated how the systems interact, separated Vertex AI Search from Gemini Enterprise, and changed retrieval and indexing workflows to mitigate the issue.

🚀 Amazon S3 Vectors is now generally available, delivering native, purpose-built vector storage and query capabilities in cloud object storage. It supports up to two billion vectors per index, 10,000 indexes per vector bucket, and offers up to 90% lower costs to upload, store, and query vectors. S3 Vectors integrates with Amazon Bedrock, SageMaker Unified Studio, and OpenSearch Service, supports SSE-S3 and optional SSE-KMS encryption with per-index keys, and provides tagging for ABAC and cost allocation.

📘 Amazon Connect now supports connecting existing Amazon Bedrock Knowledge Bases directly to AI agents and allows multiple knowledge bases per agent. You can attach Bedrock KBs in a few clicks with no additional setup or data duplication, and leverage Bedrock connectors such as Adobe Experience Manager, Confluence, SharePoint, and OneDrive. With multiple KBs per agent, AI agents can query several sources in parallel for more comprehensive responses. This capability is available in all AWS Regions where both services are offered.

🔍 AWS has announced general availability of multimodal retrieval in Amazon Bedrock Knowledge Bases, enabling unified search across text, images, audio, and video. The managed Retrieval Augmented Generation (RAG) workflow provides developers full control over ingestion, parsing, chunking, embedding (including Amazon Nova multimodal), and vector storage. Users can submit text or image queries and receive relevant text, image, audio, and video segments back, which can be combined with the LLM of their choice to generate richer, lower-latency responses. Region availability varies by feature set and is documented by AWS.

🔍 In early 2024 Google introduced native vector search in BigQuery, embedding semantic search directly into the data warehouse to remove the need for separate vector databases. Users can create indexes with a simple CREATE VECTOR INDEX statement and run semantic queries via the VECTOR_SEARCH function or through Python integrations like LangChain. BigQuery provides serverless scaling, asynchronous index refreshes, model rebuilds with no downtime, partitioned indexes, and ScaNN-based TreeAH for improved price/performance, while retaining row- and column-level security and a pay-as-you-go pricing model.

🌐 Web Grounding is now generally available as a built-in tool for Nova models, usable today with Nova Premier via the Amazon Bedrock tool use API. It retrieves and incorporates publicly available information with citations to support responses, enabling a turnkey RAG solution that reduces hallucinations and improves accuracy. Cross-region inference makes the tool available in US East (N. Virginia), US East (Ohio), and US West (Oregon). Support for additional Nova models will follow.