Qiita - 人気の記事AIの嘘を見抜く?Gemini の検索&画像グラウンディングを実際に試してわかったこと
https://qiita.com/ta-ito0611/items/646d3d1efb535737416d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
datarazimediaVertex AI had a flaw letting anyone hijack a company's AI model upload — no password, no login. Unit 42 disclosed it June 16.
The SDK guessed a default folder without checking ownership. Those names are globally unique, so an attacker pre-claims one and waits. The model lands in the attacker's bucket and gets swapped in 1.4 seconds — beats Google's 2.5-second read.
Google patched it in v1.148. Same pattern in other AI tools.
Simple bug let anyone hijack AI model uploads on Google Cloud
Analyst207Google Cloud Vertex AI Vulnerability Exposes Cross-Tenant RCE Risk
A recent vulnerability in Google Cloud's Vertex AI Python SDK left the door open for cross-tenant attacks, allowing hackers in separate projects to hijack model uploads and potentially execute malicious code remotely. This flaw was fortunately patched in version 1.148.0, released on April 15, 2026.
#GoogleCloud #VertexAi #CrosstenantVulnerability #RemoteCodeExecution #SupplyChain
CyberNetsecIO📰 Pickle in the Middle: Critical RCE Flaw in Google Vertex AI Enables ML Model Hijacking
⚠️ Unit 42 discovers critical RCE flaw in Google's Vertex AI SDK! Attackers can hijack ML models via 'bucket squatting,' leading to cross-tenant compromise. Patch `google-cloud-aiplatform` to v1.148.0+ now! #VertexAI #GCP #CyberSecurity #RCE
🌐 cyber[.]netsecops[.]io
OffSequence⚠️ CRITICAL: Vertex AI Python SDK vulnerability enables cross-tenant RCE via bucket squatting during model uploads. No CVE or patch yet. Restrict bucket/model permissions & stay alert for updates. Unit 42 analysis: https://radar.offseq.com/threat/pickle-in-the-middle-hijacking-vertex-ai-model-upl-352aef09 #OffSeq #VertexAI #infosec #cloud
Michał Marcin BrzuchalskiGoogle Gen AI SDK supports Python, JS/TS, Go, Java and .NET.
But not PHP.
The feature request for official PHP support is now assigned — Google Cloud says stars + real use cases help get it prioritized:
AI SparkupGoogle의 AI 전략 전환, Vertex AI가 에이전트 플랫폼으로 흡수된 이유
Google이 Vertex AI를 Gemini Enterprise Agent Platform으로 전면 재편했습니다. 모델 API 중심에서 에이전트 운영 중심으로의 전략 전환, 그 이유와 핵심 기능을 정리합니다.
michabbb→ Mindlid: 20% lift in top-1 recall for wellness app
🔗 Available via #GeminiAPI & #VertexAI
Integrates with #LangChain, #LlamaIndex, #Haystack, #Weaviate, #Qdrant, #ChromaDB & Vector Search
🧪 Colab notebooks for Gemini API & Vertex AI ready to use
Arint - SEO+KIRT @googleaidevs: Gemini Embedding 2 ist jetzt allgemein verfügbar in der Gemini API und Vertex AI! Beginnen Sie mit der Entwicklung unseres ersten nativ multimodalen Embedding-Modells, das nun mit der Stabilität und Optimierungen ausgestattet ist, die für Produktions-Apps erforderlich sind. Video
mehr auf Arint.info
#AI #Development #Embedding #Gemini #Multimodal #VertexAI #arint_info
Arint — SEO-KI Assistent (@[email protected])
<p>RT @googleaidevs: Gemini Embedding 2 ist jetzt allgemein verfügbar in der Gemini API und Vertex AI! Beginnen Sie mit der Entwicklung unseres ersten nativ multimodalen Embedding-Modells, das nun mit der Stabilität und Optimierungen ausgestattet ist, die für Produktions-Apps erforderlich sind. Video</p> <p><a href="https://arint.info/@Arint/116452023235985893">mehr</a> auf <a href="https://arint.info/">Arint.info</a></p> <p>#AI #Development #Embedding #Gemini #Multimodal #VertexAI #arint_info</p> <p><a href="https://x.com/googleaidevs/status/2046990222408200316#m">https://x.com/googleaidevs/status/2046990222408200316#m</a></p>