Google Cloud Platform Newsletter

Check Archive for older issues

News

Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft - ShinyHunters-branded operations are using sophisticated vishing and victim-branded sites to steal data from cloud-based SaaS applications.

Introducing Conversational Analytics in BigQuery - Conversational Analytics in BigQuery in preview brings a sophisticated AI-powered reasoning engine directly into BigQuery Studio.

BigQuery AI supports Gemini 3.0, simplified embedding generation and new similarity function - BigQuery gen AI functions AI.GENERATE and AI.GENERATE_TABLE are now GA, and can be used with the new AI.EMBED and AI.SIMILARITY.

What's new with ML infrastructure for Dataflow - Recent features and capabilities in Dataflow provide more flexibility, obtainability, and efficiency for running batch and streaming ML workloads.

Introducing Google Cloud Vertex AI Extensions for .NET - Enable .NET developers to integrate Google Gemini models on Vertex AI using the unified Microsoft.Extensions.AI abstractions. This new library facilitates multi-provider AI applications.

Accelerate GKE cluster autoscaling with faster concurrent node pool auto-creation - Support for concurrency in GKE with node pool auto-creation significantly reduces provisioning latency and autoscaling performance.

Gemini for Government: Unlocking the next wave of public sector innovation - Discover Gemini for Government: Secure, AI agents and models designed to transform public sector missions. Get started today.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network - IPIDEA’s proxy infrastructure is a component of the digital ecosystem leveraged by a wide array of bad actors.

Cloud CISO Perspectives: 5 top CISO priorities in 2026 - What should CISOs focus on in 2026? Here’s our top 5 priorities, from securing AI to IAM.

Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS - This proactive hardening and detection guide arms security teams with actionable strategies to defend against ShinyHunters-branded extortion.

Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088 - Espionage and financially motivated threat actors are exploiting critical WinRAR vulnerability CVE-2025-8088.

Guarding the Gates: A Technical Deep Dive into Model Armor - Model Armor is a critical policy-based security layer that acts as a transparent proxy for Large Language Models, filtering both prompts and responses. This system provides centralized governance, allowing engineering teams to decouple safety logic from application logic for scaled and secure AI deployments.

The Secret to Google Cloud Identity: login vs. application-default login - This article clarifies a common Google Cloud identity confusion by explaining the distinct purposes of `gcloud auth login` and `gcloud auth application-default login`.

App Development, Serverless, Databases, DevOps

Spanner in 2025: Innovations powering intelligent, multi-model AI applications - 2025 was a big year for Spanner on Google Cloud, with new capabilities to help it evolve from a passive data repository to an intelligent context hub.

First look at Google Cloud N4A VMs: benchmarked against N4, C4A and AWS M8g. - I’ve tested the newest N4A instance family offering from Google Cloud so you don’t have to.

Future Mode Part 1: The intelligent and secure browser for enterprises - Editor's Note: Our Future Mode series will give businesses insight into how Chrome Enterprise is approaching AI in the browser.

Flutter on Cloud Run: Full Stack Dart Architecture - Unlock full-stack development with Dart. Learn how to build a Flutter frontend and Dart backend that shares logic, and deploy the entire serverless application to a single container on Cloud Run.

The Surprising Simplicity of Temporal Worker Pools on Cloud Run - This article describes how using Cloud Run Worker Pools to host Temporal workers allows teams to replace YAML configurations with code-native orchestration.

Deploy to Cloud Run Without Building Containers (Preview) - Google Cloud has introduced a new no-build deployment option for Cloud Run, allowing developers to deploy application source code directly without creating a container image. This streamlines the process by abstracting away the container build phase, significantly speeding up deployments for rapid iteration and experimentation.

Just for Fun: Migrating a legacy Spring Boot application with Conductor in Gemini CLI - Learnings for how to modernize legacy code with Gemini CLI and the Conductor extension.

The Configuration Trap: Why gcloud config is Your Best Friend (and Worst Enemy) - This article explores how to effectively manage Google Cloud CLI configurations to prevent common deployment errors, such as deploying to the wrong project.

Big Data, Analytics, ML&AI

BigQuery AI Hackathon: Celebrating Innovation and a Look at What's New - Discover the BigQuery AI Hackathon winners and explore new, powerful SQL-based AI features, including the massive performance update for AI.IF and autonomous embedding generation. Get started today!

BigQuery + DuckDB Together: The “Local Hot Cache” Pattern That Slashes Query Bills Without Losing Governance - This article proposes a "local hot cache" pattern using DuckDB alongside BigQuery to significantly reduce query costs. By keeping BigQuery as the governed source of truth and offloading frequently accessed "hot slices" of data to a local DuckDB instance, organizations can avoid expensive repeated scans.

Query Labelling - How labels help you explain BigQuery spend and pinpoint cost drivers.

DBT Migration at Malt - Malt undertook a comprehensive, eight-month migration to transition its custom, in-house data stack to DBT, a standardized data transformation tool. This involved converting their proprietary SQL definitions and schemas, adapting existing Airflow orchestration, and integrating DBT YAML files into their Spark ingestion process.

LiteRT: The Universal Framework for On-Device AI - LiteRT, the evolution of TFLite, is now the universal framework for on-device AI. It delivers up to 1.4x faster GPU, new NPU support, and streamlined GenAI deployment for models like Gemma.

Tailor Gemini CLI to your workflow with hooks - New Gemini CLI hooks (v0.26.0+) let you tailor the agentic loop. Add context, enforce policies, and block secrets with custom scripts that run at predefined points in your workflow.

Accelerating model refinement: automating Fine-Tuning through checkpoint interpolation with Authentrics Zero Training Optimization & Maintenance (Z-TOM) - This article describes Zero Train Optimization and Maintenance (ZTOM), a new orchestration layer from Authentrics.ai that optimizes AI models like Gemma and Llama 3.2 by mathematically blending existing checkpoints instead of using resource-intensive backpropagation.

Building a Reliable AI Analytics Agent with BigQuery, a Semantic Layer, and Google ADK - How to prevent your LLM from confidently giving you the wrong numbers.

Building Semantic Search into Your AI Agents - Automatic vector generation for agentic tools with MCP Toolbox.

Supercharge Gemini: A Beginner’s Guide to Function Calling in Vertex AI - This article provides a beginner's guide to Function Calling in Vertex AI, a powerful feature that allows Google's Gemini LLM to execute custom code for tasks it wasn't explicitly trained for, such as mathematical calculations.

Slides, Videos, Audio

Security Podcast - #260 The Agentic IAM Trainwreck: Why Your Bots Need Better Permissions Than Your Admins.

GCP Bytes Podcast - #33 In this episode we discuss; Sealion 7, Gmail spam filter, Ian’s coding adventures, GDG Cloud Sydney, GDG Darwin events, Alison Wagonfeld moving to Nvidia, GCVE Mixed Node Private Clouds, Google Cloud ranking, Alphabet's market cap, Intersect acquisition, Palo Alto Networks deal, HP-UX end of life, Google partner program changes, MCP support, Bangkok region launch, Gmail address changes, Gemini prompt injection flaw, OpenAI ads, Google AI Plus, Apple’s Gemini-powered Siri.

Releases

AlloyDB - Feature: Database server compatibility with PostgreSQL version 18 is now available for preview ( Preview ). You can create AlloyDB clusters with PostgreSQL 18 compatibility.

Apigee UI - Announcement: On January 27, 2026, we released an updated version of the Apigee UI. Fixed: Show all rows in the Debug properties panel Fixed an issue where only the first 50 rows were displayed in the Debug properties panel, including the variables tab. The Debug properties table now displays up to 200 rows per page by default. Pagination controls are displayed if the total number of rows exceeds 200.

AppEngine Flexible - .NET - Feature: Support for .NET 10 runtime is in Preview.

Cloud Architecture Center - Feature: (New guide) Google Cloud Well-Architected Framework: Sustainability pillar: Expanded the sustainability guidance in the Well-Architected Framework as a full-fledged pillar of the framework.

Artifact Registry - Feature: Artifact Analysis now supports custom organization policies on notes and occurrences. For more information, see Use custom organization policies.

Backup and DR Service - Announcement: Object change notification is deprecated on January 30, 2026. To generate notifications for changes to objects, use Pub/Sub notifications for Cloud Storage instead. Fixed: Backup/Recovery appliance non-disruptive update: Database Restore & Management: Resolved SAP HANA differential restore failures and Oracle "Mount and Migrate" disk eligibility issues, while enhancing Db2 log purging and HANA /etc/fstab cleanup. System Stability: Improved reliability by addressing gpdmgr memory leaks, preventing udpengine crashes during OnVault jobs, and enabling size-based log rotation. API & Infrastructure: Optimized host discovery and API performance, including support for duplicate VM names, subnet pagination, and the removal of deprecated NFS options.

BigQuery - Feature: BigQuery now supports a RANDOM_HASH predefined masking rule. This rule returns a hash of the column's value using a salted hash algorithm, and it provides stronger security than the standard Hash (SHA-256) rule. For more information, see Data masking rules. Feature: BigQuery now offers conversational analytics, which accelerates data analysis by enabling insights through natural language. Users can view a predefined sample agent, chat with their BigQuery data or custom agents, and access those agents even outside of BigQuery. They can also use supported BigQuery ML functions in verified queries and in chat. This feature is in Preview. Feature: You can now create BigQuery ML models by using the Google Cloud console. This feature is generally available (GA). Change: The BigQuery change data capture feature has been renamed to BigQuery change data capture ingestion. Feature: The BigQuery Data Transfer Service can now transfer data from Shopify to BigQuery. This feature is in Preview. Change: An updated version of the Simba JDBC driver for BigQuery is now available. Feature: The BigQuery Data Transfer Service can now transfer data from Mailchimp to BigQuery. This feature is in Preview. Feature: You can now use Gemini Cloud Assist to discover resources across your projects. For example, you can ask about a specific table's schema, or which tables contain demographic information about new users. This feature is in Preview.

Bigtable - Feature: Bigtable has a unified, customizable system insights dashboard. This dashboard includes predefined metrics and other Google Cloud metrics. This feature is generally available (GA). For more information, see Customize the system insights dashboard.

Carbon Footprint - Fixed: We have corrected the issue resulting in incomplete Cloud Run emissions data for November and December 2025. Customers who used Cloud Run during this period can now access the corrected data. Action Required: To see the corrected Cloud Run emissions data, schedule a manual data backfill for November and December 2025. Note that there is a half-month lag of our data release. For example, to backfill November and December 2025 data, run the backfill for December 15, 2025 and January 15, 2026, which will update the data for November and December 2025 in your BigQuery table.

Chronicle Security Operations - Change: The Case Federation feature is no longer dependent on the Case Federation integration in the primary platform. The primary platform sync job is now disabled. Do not attempt to re-enable it. For more information, see Set up federated case access for SecOps. Announcement: The following v2 connectors, which utilize Google Storage Transfer Service (STS), are now in General Availability: Google Cloud Storage v2 Amazon S3 v2 Google Cloud Storage (Event Driven) Amazon SQS v2 Azure Blobstore v2 Feature: Rule observability for detections and alerts New metadata is now included in all detection and alert objects, indicating if the detection was produced during a primary rule run or through a rule replay. This information can be used in dashboards and as a filter in the Alerts lister page using the field collection.detection_timing_details.

Chronicle SOAR - Announcement: Release 6.3.74 is being rolled out to the first phase of regions as listed here. This release contains the following changes: Change: The Case Federation feature is no longer dependent on the Case Federation integration in the primary platform. The primary platform sync job is now disabled. Do not attempt to re-enable it. For more information, see Set up case federation access for SOAR. Announcement: Release 6.3.73 is now available for all regions. Feature: Timeline View for Alerts Visualize alert patterns over time using the new timeline view in the Alerts section of the Cases Overview tab.

Compute Engine - Feature: Generally available: The N4A machine family is powered by Google's latest custom-designed Axion processor, built on Arm Neoverse N3 compute core and powered by Titanium IPU. This machine family has between 1-64 vCPUs with up to 512 GB of memory, and supports Google Cloud Hyperdisk volume storage. It is available in standard, highmem, highcpu, and custom machine types. For detailed information, see General-purpose machines. See Regions and zones to learn where you can create N4A VMs.

Config Connector - Announcement: Config Connector version 1.134.4 is now available. Feature: #6065: Enabled Vertical Pod Autoscaler (VPA) support. You can enable VPA for Config Connector components via ControllerResource and NamespacedControllerResource to automatically adjust resource requests. Fixed: Bug Fixes: #6035: Fixed an issue where managedFields metadata could be incorrectly attributed to the status subresource during spec updates, causing "Location must be set" errors.

Contact Center AI Insights - Feature: Customer Experience Insights offers configurable dashboards to view usage and feedback metrics over time. Choose from a wide array of chart types to build your own, or use the AI assistant to build custom dashboards.

Dataform - Feature: You can organize your code assets into a hierarchical structure with folders and repositories using the Dataform API. This feature is in preview.

Dataplex - Feature: You can control data lineage ingestion for Dataproc at the organization, folder, or project level. This feature is in Preview. For more information, see Control lineage ingestion.

Dataproc Serverless - Announcement: New Serverless for Apache Spark runtime versions: 3.0.4.

Dataproc - Announcement: Dataproc on Compute Engine: The following subminor image versions announced on January 24, 2026 have been rolled back: 2.0.157-debian10, 2.0.157-ubuntu18, 2.0.157-rocky8 2.1.106-debian11, 2.1.106-ubuntu20, 2.1.106-ubuntu20-arm, 2.1.106-rocky8 2.2.74-debian12, 2.2.74-ubuntu22, 2.2.74-ubuntu22-arm, 2.2.74-rocky9 2.3.21-debian12, 2.3.21-ml-ubuntu22, 2.3.21-rocky9, 2.3.21-ubuntu22, 2.3.21-ubuntu22-arm

Datastream - Feature: Datastream now supports Spanner as a source. For more information, see the Datastream documentation.

Cloud Quotas - Feature: Folder level and organization level support for the quota adjuster feature is available in Preview through the Google Cloud console, the Cloud Quotas API, gcloud quotas beta CLI, Terraform, and Cloud Client Libraries. For more information, see the documentation about how to enable the quota adjuster through the Cloud Quotas API.

Document AI - Feature: Layout parser model pretrained-layout-parser-v1.6-pro-2025-12-01 powered by Gemini 3 Pro LLM is available in Preview. This processor version has ML processing capabilities in the US and EU. Note: This processor version uses the Vertex AI Gemini global endpoint and is not compliant with Data Residency (DMZ) standards. For example, requests in US and EU endpoints might route to anywhere globally. For more information about available models, see the layout parser page. Feature: Custom extractor model pretrained-foundation-model-v1.6-pro-2025-12-01 powered by Gemini 3 Pro LLM is available in Preview. This processor version has ML processing capabilities in the US and EU. Note: This processor version uses the Vertex AI Gemini global endpoint and is not compliant with Data Residency (DMZ) standards. For example, requests in US and EU endpoints might route to anywhere globally. For more information about available models, see the custom extractor page.

Cloud Functions - Feature: Support for. NET 10 runtime is in Preview.

GKE new features - Feature: Stream Control Transmission Protocol (SCTP) support on GKE Dataplane V2 is now generally available (GA). You can now deploy workloads that use SCTP on GKE Standard clusters. This feature enables direct SCTP communication for Pod-to-Pod and Pod-to-Service traffic. SCTP support requires clusters to use GKE Dataplane V2 and Ubuntu node images. This feature is available in GKE version 1.32.2-gke.1297000 or later. For more information, see Deploy workloads with SCTP. Feature: The N4A machine series is generally available for GKE clusters in Autopilot and Standard modes. For more information, see Arm workloads on GKE.

Load Balancing - Feature: To enhance security and help meet stringent compliance requirements like FedRAMP, you can now apply a FIPS-compliant SSL policy to your Application Load Balancers and proxy Network Load Balancers. This update also introduces the ability to enforce TLS 1.3 as the minimum protocol version. New FIPS_202205 profile The new FIPS_202205 profile, available as a predefined SSL policy, restricts the load balancer to use only FIPS 140-2/140-3 validated cryptographic modules and ciphers. When this profile is selected, the load balancer: Enforces strict TLS settings, negotiating connections only using TLS 1.2 or TLS 1.3. Uses a limited set of approved cipher suites for TLS 1.2, such as the cipher suites in ECDHE-RSA-AES-GCM and ECDHE-ECDSA-AES-GCM families. Excludes non-FIPS ciphers for TLS 1.3, such as TLS_CHACHA20_POLY1305_SHA256. Minimum TLS 1.3 Enforcement You can now specify TLS 1.3 as the minimum version for your SSL policy, which must be paired with the RESTRICTED profile. If you mandate TLS 1.3 as the minimum version, any clients attempting to connect via TLS 1.2 or lower will be rejected. Ensure your client ecosystem supports TLS 1.3 before enforcing this minimum TLS version. For more information, see the following: SSL policies overview Use SSL policies This feature is in General availability.

Cloud Logging - Feature: You can now export your Crashlytics data and (optionally) Firebase sessions data to Cloud Logging. Once the data is exported, it's also available to Cloud Monitoring, so you can filter your logs, build custom dashboards, set up custom alerts, and even export the data to other services. For information about how to export your Crashlytics data, see Export Crashlytics data to Cloud Logging, and for information about how you can use this data, see What can you do with Crashlytics data in Cloud Logging. Change: To support correlation between log and trace data, the following changes have been made: The required format for the LogEntry.trace field has been relaxed. The preferred format for this field is the trace ID. However, you can continue to provide the full resource name. For more information, see LogEntry. If you open the Trace Details flyout page by using options provided in a log entry, then the resources listed in the default trace scope are searched for the trace data. If you open the Logs Explorer page by using options on span data, then the resources listed in the default log scope are searched for log data. To learn more about default scopes, see Configure observability scopes for multi-project queries. Feature: You can now install and manage the Ops Agent on virtual machines across zones in your Google Cloud project by using global VM Extension Manager extension policies. Global and zonal extension policies can keep the installed version of the agent current, keep a specified version of the agent installed, and other tasks. For more information, see Install and manage the Ops Agent by using VM Extension Manager policies.

Looker - Feature: You can now view the public egress IP addresses for Looker (Google Cloud core) instances that use Private Service Connect and controlled native egress. These IP addresses may be used when setting up outbound connections. Announcement: Looker 26.0 includes the following feature updates, which will start rolling out on January 26, 2026: Feature: Updates to the Continuous Integration (CI) feature will be available in February, 2026. Note: This item was added on January 28, 2026 and updated on January 30, 2026. Feature: Now available in preview, the Configuration tab of the Projects Settings page in the Looker IDE contains a Delete Developer Copy button that lets LookML developers delete their local developer copy of the project's Git repository. See the Using version control and deploying documentation page for details. Feature: Available January 29, 2026: Conversational Analytics includes a Show reasoning toggle that provides step-by-step insight into how the agent reaches its answers. This update also includes improvements to overall answer accuracy. See the Conversational Analytics API documentation for details. Feature: Gemini in Looker can now generate a summary and an analysis of an Explore. Feature: The Tabbed Dashboards Labs feature is now available. The Tabbed Dashboards Labs feature lets dashboard editors organize dashboard content across multiple tabs within a single dashboard. Adding tabs to dashboards lets you do the following: Better organize content: Group related visualizations and tiles into separate tabs. Improve data storytelling: Guide viewers through different aspects of your data in a structured way. Enhance performance: Load only the tiles on an active tab, potentially speeding up initial dashboard load times. Reduce clutter: Consolidate multiple related analyses into a single dashboard. This feature is only for Looker (original) instances and is enabled by default. Feature: The Dashboard Filter Enhancements Labs feature is now available. The Dashboard Filter Enhancements Labs feature includes the following improvements: Persistent filter suggestion drop-down: Filter suggestion drop-downs remain open for easier multi-selection for tag list and advanced filter type filters. Select or deselect all filter values: Lets users select or deselect all values in tag list and advanced filter type filters. Limit condition controls for advanced filters: Lets dashboard creators limit the condition options that are available to users for advanced filters. Enable Include custom filter values by default for boards: Admins can choose to enable Include custom filter values for boards by default instance-wide. This feature is only for Looker (original) instances and is enabled by default. Feature: The Self-service Explores admin page now supports a connection test button so that Looker admins can verify that the BigQuery connection is able to support self-service Explores. Feature: The Custom Tooltips Labs feature is now available. The Custom Tooltips Labs feature lets you configure tooltips within the Explore visualization editor using a combination of UI settings and an HTML editor that supports Liquid templating. This feature is only for Looker (original) instances and is enabled by default.

Migration Center - Announcement: The discovery client 6.3.12 is available with a bug fix. Fixed: Fixed a bug in the MCDC guest collection script. The guest collection process no longer runs Java or application binaries (Tomcat and JBoss) on target servers. Version identification for Tomcat and JBoss now relies exclusively on static configuration and the release notes.

Cloud Monitoring - Feature: You can now install and manage the Ops Agent on virtual machines across zones in your Google Cloud project by using global VM Extension Manager extension policies. Global and zonal extension policies can keep the installed version of the agent current, keep a specified version of the agent installed, and other tasks. For more information, see Install and manage the Ops Agent by using VM Extension Manager policies.

Network Intelligence Center - Feature: Connectivity Tests analyzes firewall policies that apply to managed Envoy proxies.

Cloud Run - Feature: Support for .NET 10 runtime is in Preview.

Security Command Center - Change: The prompt injection and jailbreak detection filter for the Mumbai ( asia-south1 ) and Singapore ( asia-southeast1 ) regions is upgraded to improve detection accuracy and reduce the rate of false positives.

Cloud Spanner - Feature: Spanner supports the UUID data type for both GoogleSQL and PostgreSQL-dialect databases. This data type stores universally unique identifiers (UUIDs) as 128-bit values. You can use the GoogleSQL NEW_UUID() function or the PostgreSQL gen_random_uuid() to function to create UUID values. For more information, see Use a universally unique identifier (UUID). Feature: Spanner supports the following compression functions: ZSTD_COMPRESS ZSTD_DECOMPRESS_TO_BYTES ZSTD_DECOMPRESS_TO_STRING These functions use the Zstandard (Zstd) lossless data compression algorithm to compress and decompress STRING or BYTES values. For more information, see Compression functions. Feature: Columnar engine for Spanner is now in Public Preview. Columnar engine is a storage technique used with analytical queries to speed up scans up to 200 times faster on live operational data without affecting transaction workloads. In databases or tables enabled with columnar engine, this release: Supports the ability to execute columnar queries automatically and perform faster columnar scans using vectorized execution. Provides a new major compaction API to accelerate the conversion of non-columnar data into columnar data. For more information, see the Columnar engine for Spanner overview.

Cloud SQL Postgres - Feature: You can now assign database roles to built-in database users and IAM database users when you create or update users. For more information about assigning roles, see built-in database authentication or IAM database authentication.

Cloud Storage - Announcement: Object change notification is deprecated on January 30, 2026. To generate notifications for changes to objects, use Pub/Sub notifications for Cloud Storage instead. Feature: Previously, when listing buckets by using the client libraries, JSON API, or RPC API, the request returned an error if some buckets couldn't be reached because a location was temporarily unavailable. You can now use a partial success option to return a list of buckets that are available, as well as the names of any buckets that can't be reached.

Cloud Trace - Change: To support correlation between log and trace data, the following changes have been made: The required format for the LogEntry.trace field has been relaxed. The preferred format for this field is the trace ID. However, you can continue to provide the full resource name. For more information, see LogEntry. If you open the Trace Details flyout page by using options provided in a log entry, then the resources listed in the default trace scope are searched for the trace data. If you open the Logs Explorer page by using options on span data, then the resources listed in the default log scope are searched for log data. To learn more about default scopes, see Configure observability scopes for multi-project queries.

VMware Engine - Announcement: Stretched private clouds capable of hosting both ve1 and ve2 node-family clusters are now available in the following regions: Sydney, Australia, Asia Pacific ( australia-southeast1-a, australia-southeast1-b ) Frankfurt, Germany, Europe ( europe-west3-a, europe-west3-b ) While a stretched private cloud can contain mixed node families, each individual stretched cluster must be comprised of nodes from the same family type. Note: To create a new stretched cluster of a different node family, contact Cloud Customer Care.