Tag: google cloud
28 articles

Google Cloud billing dispute escalates over $11,000 hijack charges
Developer Charles Jones was hit with a whopping $11,089.77 in Google Cloud charges after his account was hijacked, despite reporting the compromise and revoking the implicated keys. The unexpected charges, largely linked to Gemini image-generation models, left him stunned as his business doesn't even use such technology.

Google Exposes Flaw in Kubernetes Operator, Denies Bug Bounty
Google's security team initially praised researcher Justin O'Leary for uncovering a high-severity flaw, dubbed ConfigConfusion, in the Config Connector add-on for Kubernetes - only to later claim it wasn't a vulnerability at all and deny a bug bounty. The issue still lingers, leaving users of the open-source tool potentially exposed.

Google Vertex AI SDK Flaw Exposes Model Uploads to Hijacking
A newly discovered flaw in the Google Vertex AI SDK for Python left model uploads vulnerable to hijacking, allowing attackers to swap models and execute code within Google's serving infrastructure in a matter of seconds. This vulnerability, found by Palo Alto Networks Unit 42, could be exploited in just 2.5 seconds - a window of opportunity for attackers to wreak havoc.

Google Cloud Vertex AI Vulnerability Exposes Cross-Tenant RCE Risk
A recent vulnerability in Google Cloud's Vertex AI Python SDK left the door open for cross-tenant attacks, allowing hackers in separate projects to hijack model uploads and potentially execute malicious code remotely. This flaw was fortunately patched in version 1.148.0, released on April 15, 2026.

GitHub Repos Targeted in 5,500+ Malicious Commits
A shocking new campaign, dubbed Megalodon, has injected malware into over 5,500 GitHub repositories, putting sensitive credentials and tokens at risk of being stolen. This alarming attack highlights the growing threat of supply chain attacks, with experts warning that this could be just the beginning.

Security Teams Overlook AI-Enabled Threats in Cloud Risk Management
Cyber threats are evolving at an alarming rate, with AI-enabled attackers now launching faster and more sophisticated attacks on cloud and hybrid environments. Security teams must stay vigilant against emerging threats like AI-driven phishing, malware, and credential compromise.

AI-Driven Attacks Infiltrate Cloud Environments, Exposing Hidden Risks
New AI-driven threats are rapidly exploiting cloud security gaps, making it vital for teams to adopt a proactive, holistic approach to risk reduction to safeguard critical assets and data. Stay ahead of adversaries by understanding how they're weaponizing cloud vulnerabilities at alarming speed.

AI-Driven Attacks Infiltrate Cloud Environments
Stay ahead of the threats: as AI-driven attacks infiltrate cloud environments, it's crucial to adopt a proactive, holistic approach to risk reduction and protect your critical assets and data. Google Cloud and XM Cyber warn that understanding how attackers move laterally throughout your network is key to safeguarding against emerging AI-driven threats.

AI Innovation Push Sparks Rethink on Security Response Times
The pharmaceutical sector is surging ahead with AI innovation, as seen in Merck's multiyear deal with Google Cloud, aiming to revolutionize research, manufacturing, and commercial operations. By embedding generative and agentic AI, companies are speeding up drug development and commercialization, while navigating data governance and regulatory risks.

Mandiant VP Warns of Resurgent Cybersecurity Risks in AI Deployments
As organizations rush to adopt AI, they're reviving long-standing cybersecurity failures, warns Mandiant VP Jurgen Kutscher, who urges a focus on basic security controls over new AI-specific threats. Neglecting these fundamentals leaves AI-enabled environments vulnerable to measurable operational weaknesses.

Google Bets on General AI Models for Cybersecurity Needs
Google Cloud is shaking up its approach to cybersecurity by betting on its general AI model, Gemini, to tackle security needs, rather than developing a separate, cyber-focused model. This bold move is based on the impressive performance of Gemini across various domains, including coding and security.

Google Unveils AI Agent Identity Platform to Tackle New Identity Risks
Google is stepping up its game in AI security with a new platform that gives autonomous software agents their own unique identities, ensuring that every action is verified, recorded, and accountable. This move towards zero-trust verification means organizations can trust their AI agents to act with integrity and transparency.

Merck Strikes $1B AI Deal with Google Cloud to Transform Drug R&D
Merck is shaking up the future of drug research and development with a groundbreaking $1 billion deal with Google Cloud, harnessing the power of artificial intelligence to speed up scientific breakthroughs and bring life-changing treatments to patients faster. By combining forces, they'll create an AI-enabled enterprise that revolutionizes processes and drives innovation.

Google Deploys AI Security Agents to Counter Emerging Threats
Google is ramping up its cybersecurity game by deploying AI-powered security agents that can detect and fix threats at lightning-fast speeds, with human oversight to ensure these digital defenders stay on track. By leveraging its full AI stack, Google aims to stay ahead of emerging threats and revolutionize its defense strategy.

Critical Vertex AI Vulnerability Exposes Google Cloud Data to Alarming Risks
A critical vulnerability in Google Cloud's Vertex AI platform has been uncovered, leaving sensitive data alarmingly exposed to potential breaches - can we trust the security of the platforms powering our AI-driven innovations? This security blind spot could allow malicious actors to exploit AI agents and compromise cloud environments, putting organizations at risk.

Google Exclusive: Gmail Breach Claims Overblown
Headlines claiming 183 million Gmail accounts were hacked sparked panic, but Google says the scare is overblown. Security experts say the list is mostly recycled, aggregated credentials from older leaks—still risky for reused passwords, but not proof of a fresh Gmail-wide breach.

US cloud platforms: Risky Dependence, Stunning Costs
Three out of four European companies now run critical parts of their business on US cloud platforms, giving them world-class tools but leaving them vulnerable to foreign courts, sanctions, and policy shifts. That dependency isn’t just a statistic — it’s a strategic risk that calls for smarter data strategies, multi-cloud resilience, and faster investment in homegrown alternatives.

ViewState deserialization: Critical Must-Have Patch
When Sitecore patches were abused in an active ViewState deserialization attack, Google Cloud’s Mandiant stepped in to disrupt the campaign — a stark reminder to inventory Sitecore instances, apply patches immediately, and enable ViewState protections to prevent fast-moving compromises.

Google Cloud Stores UK AI Data Locally but Outsources Support
Google Cloud is shaking up the UK AI scene by keeping your data close to home with local storage, while cleverly outsourcing support overseas—striking a bold balance between security, compliance, and efficiency.

Google Cloud Holds UK AI Data Locally but Outsources Support
Google Cloud’s new UK-only data hosting for its Gemini 2.5 Flash AI promises stronger local control, but outsourcing support overseas raises fresh questions about what truly counts as “local” in the cloud era.

Google Cloud Contributes A2A AI Protocol to the Linux Foundation
Google Cloud donates the A2A AI Protocol to the Linux Foundation, enhancing open-source collaboration in artificial intelligence development.

Google Attributes Widespread Cloud Disruption to API Management Challenges
Google blames widespread cloud disruption on API management challenges, revealing key insights into how mismanaged APIs affect cloud performance.

Global Service Disruptions Affect Google Cloud and Cloudflare
Global service disruptions impact Google Cloud and Cloudflare, leading to widespread outages and performance issues. Stay informed on fixes.

Glitch to Phase Out App Hosting and User Profiles on July 8
Glitch will phase out app hosting and user profiles on July 8—discover what the transition means for your projects and upcoming platform updates.