< ciso brief />

All news with #tool calling security tag

15 articles

Browser Run for AI Agents — Cloudflare’s Remote Browser

🔎 Cloudflare has renamed Browser Rendering to Browser Run and expanded it into a remote browser platform tailored for AI agents. It runs full Chrome sessions across Cloudflare’s global network and can be driven by code or AI using Puppeteer, Playwright, Quick Actions, direct CDP access, or MCP/WebMCP. New features include Live View for real-time inspection, Human-in-the-Loop handoffs for operator intervention, a CDP endpoint for low-level automation, and Session Recordings for replay and debugging. The service raises concurrency and Quick Actions limits and is available on Workers Free and Paid plans.

Ceros Provides Visibility and Control for Claude Code

🔒 Ceros, an AI Trust Layer from Beyond Identity, runs alongside Claude Code on developers' machines to provide real-time visibility, runtime policy enforcement, and cryptographically signed audit records. Installation is non-disruptive—two CLI commands and a brief enrollment tie sessions to verified human identities with hardware-bound keys. The admin console surfaces conversation transcripts, tool invocations, MCP server connections, and signed activity logs that support compliance.

Amazon Bedrock Enables Server-Side Tool Execution Now

🔧 Amazon Bedrock now supports server-side tool execution by integrating AgentCore Gateway with the Responses API. Customers supply an AgentCore Gateway ARN and Bedrock discovers and invokes the gateway's tools during inference, eliminating client-side orchestration. Tools are executed server-side and their results streamed back in real time, with IAM-based access control preserved. This reduces latency and simplifies agentic workflows.

Amazon Aurora DSQL Integrates with Kiro Powers, Skills

🤖 Amazon Web Services announced that Amazon Aurora DSQL now integrates with Kiro powers and AI agent skills to accelerate database-backed application development. The integration packages the Aurora DSQL Model Context Protocol (MCP) server with development best practices so AI agents can assist with schema design, performance tuning, and routine database operations out of the box. Kiro powers provides a curated registry of MCP servers, steering files, and agent hooks with one-click installation in the Kiro IDE. The Aurora DSQL skill extends the same guidance to other agent ecosystems via a Skills CLI, allowing agents to dynamically load Postgres-compatible SQL patterns, distributed design advice, and IAM authentication guidance.

Managed MCP Servers for Google Cloud Databases and Tools

🔌 Google Cloud now offers managed MCP servers for databases and developer tooling, enabling MCP-compliant AI agents (including Gemini) to access data and infrastructure without deploying additional infrastructure. The expansion adds AlloyDB for PostgreSQL, Spanner, Cloud SQL, Bigtable and Firestore, plus a Developer Knowledge MCP server for IDE documentation access. These servers use IAM-based authentication and Cloud Audit Logs for observability and governance, letting teams scale agentic workloads securely.

Researchers Find 175,000 Publicly Accessible Ollama Hosts

🔍 A joint investigation by SentinelOne SentinelLABS and Censys identified 175,000 publicly reachable Ollama hosts across 130 countries, spanning cloud and residential networks. Nearly half of the observed instances serve models that advertise tool calling, which lets an agent built on them execute code, call APIs, and interact with external systems, significantly raising the threat profile. The researchers warn that these unmanaged LLM deployments ship without authentication or monitoring, enabling active LLMjacking campaigns and the resale of illicit access.
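The finding above turns on two observable facts: the Ollama API answers without credentials, and the models it serves advertise the `tools` capability. The script below is an added example written for this page, not code from the SentinelLABS/Censys report or from the Ollama project. It assumes the documented shape of Ollama's `GET /api/tags` and `POST /api/show` responses (in particular the `capabilities` list that current releases return from `/api/show`); the sample responses are constructed, not captured from a real host, and `probe()` is only for hosts you are authorised to test.

```python
"""Inventory check for exposed Ollama endpoints (added example)."""
import json
import urllib.request
from urllib.error import URLError

# Constructed sample data (not captured from a real host), shaped like the
# JSON that Ollama's GET /api/tags and POST /api/show endpoints return.
SAMPLE_TAGS = {
    "models": [
        {"name": "llama3.1:8b", "size": 4661224676},
        {"name": "qwen2.5:7b", "size": 4683087332},
        {"name": "llama2:7b", "size": 3825819519},
    ]
}
SAMPLE_SHOW = {
    "llama3.1:8b": {"capabilities": ["completion", "tools"]},
    "qwen2.5:7b": {"capabilities": ["completion", "tools"]},
    "llama2:7b": {"capabilities": ["completion"]},
}


def tool_capable_models(tags, show):
    """Return the names of models whose /api/show record advertises 'tools'.

    `tags` is the parsed /api/tags body; `show(name)` returns the parsed
    /api/show body for one model (a dict lookup offline, an HTTP call live).
    """
    capable = []
    for entry in tags.get("models", []):
        name = entry.get("name") or entry.get("model")
        if not name:
            continue
        if "tools" in show(name).get("capabilities", []):
            capable.append(name)
    return capable


def assess(tags, show, authenticated=False):
    """Summarise exposure. Anonymous access combined with tool-capable
    models is the pairing the report singles out, so it is rated highest."""
    capable = tool_capable_models(tags, show)
    if authenticated:
        risk = "low"
    elif capable:
        risk = "high"
    elif tags.get("models"):
        risk = "medium"
    else:
        risk = "info"
    return {
        "anonymous": not authenticated,
        "models": len(tags.get("models", [])),
        "tool_capable": capable,
        "risk": risk,
    }


def _json_request(url, payload=None, timeout=5):
    data = json.dumps(payload).encode() if payload is not None else None
    headers = {"Content-Type": "application/json"} if data else {}
    req = urllib.request.Request(url, data=data, headers=headers)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def probe(base_url, timeout=5):
    """Live check of one host you are authorised to test, e.g.
    probe("http://10.0.0.5:11434"). Returns None when the API cannot be
    enumerated without credentials (connection refused, 401/403, non-JSON)."""
    base = base_url.rstrip("/")
    try:
        tags = _json_request(f"{base}/api/tags", timeout=timeout)
    except (URLError, ValueError, OSError):
        return None

    def show(name):
        try:
            return _json_request(f"{base}/api/show", {"model": name}, timeout)
        except (URLError, ValueError, OSError):
            return {}  # treat an unreadable record as "no capabilities known"

    return assess(tags, show, authenticated=False)


if __name__ == "__main__":
    print(assess(SAMPLE_TAGS, SAMPLE_SHOW.__getitem__))
```

Run it across your own address space and anything that comes back `"risk": "high"` is an instance that any internet user can drive as a tool-calling backend; the fix is to bind Ollama to localhost or put it behind an authenticating proxy, after which `probe()` returns None.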

Amazon Bedrock Adds Server-Side Custom Tools for Responses

🔧 Amazon Bedrock now supports server-side tools in the Responses API using OpenAI API–compatible service endpoints. With Bedrock invoking tools directly rather than relying on client orchestration, AI applications can perform real-time, multi-step actions—searching the web, executing code, and updating databases—within the governance, compliance, and security boundaries of your AWS accounts. Developers may supply custom Lambda functions or use AWS-provided tools such as notes and tasks. Server-side tool use is available today for OpenAI's GPT OSS 20B and GPT OSS 120B in multiple AWS regions, with broader model and region support coming soon.

gRPC as a Native Transport for the Model Context Protocol

🔗 Google Cloud describes work to enable gRPC as a native transport for the Model Context Protocol (MCP), offering an alternative to JSON-RPC transcoding for organizations that already use gRPC. Native gRPC eliminates the need for transcoding gateways and preserves existing tooling, while delivering lower latency, smaller Protobuf-encoded payloads, and full-duplex streaming. The MCP core maintainers agreed to pluggable transports in the SDK, and Google Cloud will contribute a community-backed gRPC transport package to promote consistent, interoperable deployments.

Enhanced Tool Governance and Scaling for Vertex AI

🛡️ Google Cloud has integrated Cloud API Registry into Vertex AI Agent Builder, giving administrators centralized governance over agent tools and a curated catalog developers can access via a new ApiRegistry ADK object. The update broadens ADK support — including Gemini 3 Pro/Flash and TypeScript — and improves state management, interactions, and recovery. An early A2UI toolkit and Interactions API support aim to simplify multimodal I/O and shared UI components. Agent Engine features such as Sessions and Memory Bank are GA, regional availability is expanding, and several pricing adjustments take effect in December 2025 and January 2026.

Amazon Aurora PostgreSQL Integrates with Kiro Powers

🚀 AWS announces integration of Amazon Aurora PostgreSQL-Compatible Edition with Kiro powers, enabling agent-assisted database development using prepackaged MCP servers, steering files, and hooks. The Aurora PostgreSQL power bundles data plane (queries, schema) and control plane (cluster creation) capabilities with targeted best-practice guidance. Available via Kiro IDE and the Kiro powers catalog for one-click installation across AWS Regions.

Amazon Connect Adds MCP Support for AI Agents and Tools

🤖 Amazon Connect now supports the Model Context Protocol (MCP), enabling AI-driven customer self-service and employee assistance agents to invoke standardized tools to fetch information and perform actions during interactions. Amazon Connect offers out-of-the-box MCP tools for tasks like updating contact attributes and retrieving case information, and allows flow modules to be exposed as MCP tools so business logic is reusable across deterministic and generative workflows. Organizations can also integrate custom or third-party tools via flow modules or the Amazon Bedrock AgentCore Gateway to automate actions such as order lookups, refunds, and customer-record updates without human intervention.

AWS Knowledge MCP Server Adds Topic-Based Search for Domains

🔎 The AWS Knowledge MCP Server now supports topic-based search across specialized documentation domains, enabling more precise queries against areas such as Troubleshooting, AWS Amplify, AWS CDK, CDK Constructs, and AWS CloudFormation. This enhancement lets MCP clients and agentic frameworks target domain-specific resources to reduce noise and improve relevance. The capability complements existing API reference and general documentation search features and is available immediately at no additional cost, subject to standard rate limits.

PayPal and Google Cloud Launch Agentic Commerce Solution

🛒 PayPal and Google Cloud announced a joint agentic commerce offering that integrates Google Cloud’s Conversational Commerce agent with payments powered by PayPal. The solution leverages the open Agent2Agent (A2A) Protocol and the Agent Payments Protocol (AP2)—which extends A2A and the Model Context Protocol—to enable agent-to-agent payment flows secured by Verifiable Digital Credentials. Merchants can deploy Google’s out‑of‑the‑box conversational agent or build custom agents with the Agent Development Kit (ADK), retaining control over tone, branding, and the customer relationship while benefiting from integrated payment and fraud controls.

Amazon Q Developer CLI Adds Remote MCP Server Support

🔒 Amazon Q Developer CLI now supports remote MCP servers, centralizing tool integrations behind OAuth-based authentication and improving scalability and security in development workflows. Administrators specify the HTTP transport, the server's authentication URL, and optional headers in the agent configuration or mcp.json. Once the OAuth flow completes, the CLI enumerates the tools on the MCP server and exposes them to the agent. This capability is available in both the CLI and the Amazon Q Developer IDE plugins.

MCP Toolbox Adds Firestore Tools for AI-Assisted Dev

🧰 MCP Toolbox now includes comprehensive Firestore tools that let AI assistants connect directly to Firestore from environments like Gemini CLI and other MCP-compatible interfaces. Built on the Model Context Protocol, these pre-built tools support document reads, collection queries, targeted updates, and security-rules validation to accelerate debugging, testing, and maintenance for NoSQL applications. Developers can perform complex queries and targeted updates in natural language, validate security rules before deployment, and reduce context switching between consoles and emulators. The release is accompanied by docs, quick start guides, a GitHub repo, and community channels to help teams adopt the features quickly.