Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Scammers advertise fake AppleCare+ service via GitHub repos
September 12, 2024
Malwarebytes Labs researchers uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub, the developer and code repository platform owned by Microsoft. The goal of ...
- BT spots 2,000 potential attacks on its network a second
September 12, 2024
Britain’s BT said it was spotting 2,000 signals of potential cyber-attacks across its network every second, as criminals were increasingly using disposable “bots” to try to evade existing blocking and security measures. The telecoms group said on Thursday that digital surveillance activity by hackers using malicious scanning “bots” was 1,200% higher in July compared to the ...
- Business Email Compromise: The $55 Billion Scam
September 11, 2024
Business Email Compromise/Email Account Compromise (BEC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering (PSA I-041124-PSA) or computer intrusion to conduct unauthorized transfers of funds. Often times BEC variations involve ...
- Insights on Cyber Threats Targeting Users and Enterprises in Mexico
September 10, 2024
Like many countries across the globe, Mexico faces a cyber threat landscape made up of a complex interplay of global and local threats, with threat actors carrying out attempted intrusions into critical sectors of Mexican society. Mexico also faces threats posed by the worldwide increase in multifaceted extortion, as ransomware and data theft continue to rise. ...
- Nearly 1M Medicare beneficiaries potentially affected after data breach
September 10, 2024
Nearly 1 million Medicare beneficiaries are being warned that their personal information may have been compromised in a cybersecurity incident last year. The Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS), the contractor that utilized the affected MOVEit software, said last week that 946,801 people on Medicare were notified that ...
- Multiple Vulnerabilities in Veeam Backup & Replication
September 9, 2024
On Wednesday, September 4, 2024, backup and recovery software provider Veeam released their September security bulletin disclosing various vulnerabilities in Veeam products. One of the higher-severity vulnerabilities included in the bulletin is CVE-2024-40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & Replication solution. Notably, upon initial disclosure, the Veeam advisory listed the ...