Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DCRat backdoor returns
March 11, 2025
Since the beginning of the year, Kaspersky researchers have been tracking in their telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service (MaaS) model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting the C2 servers. Distribution The DCRat backdoor is ...
- Cybersecurity Meets DUI Defense: Protecting Personal Data During Legal Battles
March 11, 2025
In today’s digital age, the intersection of cybersecurity and legal defense has never been more critical. Individuals facing DUI charges often find themselves not only defending against legal penalties but also safeguarding their personal data. Protecting personal data during legal battles is essential, as it can significantly impact the outcome of a case and one’s ...
- Patch Tuesday – March 2025
March 11, 2025
Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware of public disclosure for one other vulnerability. This is ...
- Elon Musk’s X hit by waves of outages in what he claims is ‘a massive cyberattack’
March 10, 2025
Elon Musk’s X has been hit by three waves of outages since this morning, which the billionaire claims was due to a cyberattack. According to outage tracking site DownDetector, the problems began around 6 am ET when up to 20,538 users reported problems. The issues temporarily died down before nearly 40,000 users reported outages at 10 ...
- Allstate sued for not reporting data breach of 165,000 New Yorkers
March 10, 2025
New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information. The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. ...
- Fake CAPTCHA websites hijack your clipboard to install information stealers
March 10, 2025
There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may sound like something trivial to steer clear from, but apparently it’s not because the social engineering behind it is pretty sophisticated. At first, these attacks were more targeted at people that ...