Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber attacks on law firms jumped by 77% over the past year
August 27, 2024
The number of successful cyber attacks against UK law firms rose by 77% in the past year to 954, up from 538 the year before, according to a new study of the threat. Chartered accountants Lubbock Fine said that the wave is driven by criminals seeing law firms as prime targets for ransomware attacks or blackmail. This ...
- HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat
August 27, 2024
In June 2024, Kaspersky discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples Kaspersky found almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form ...
- Ransomware attacks on schools threaten student data nationwide
August 26, 2024
Imagine a criminal gaining unrestricted access to your child’s most private information — medical records, Social Security numbers and even details about their daily bus ride to school. This alarming scenario is becoming a reality for a growing number of families as sophisticated cybercriminals increasingly target schools across the United States, holding their computer systems ...
- Laybuy collapsed after unreported cyber attack
August 26, 2024
A Klarna rival collapsed into bankruptcy after millions of pounds was stolen in a cyber attack. The collapse of Laybuy, a buy now, pay later (BNPL) start-up, followed a previously unreported hacking between December and February that left the business on the brink. Laybuy, which had more than 750,000 customers and was headquartered in New Zealand, filed ...
- Port of Seattle says it was hit with possible cyberattack; outage affects airport, phone systems
August 25, 2024
The Port of Seattle said Saturday it was hit with a “possible cyberattack” that impacted Seattle-Tacoma International Airport, phone systems, and websites. The outage was first reported Saturday morning just after 9 a.m. PT, described as an “internet and web systems outage.” A few hours later, Seattle-Tacoma International Airport posted on X and said the Port ...
- Halliburton probes impact of cyber attack with law enforcement
August 24, 2024
Top U.S. oilfield services firm Halliburton said on Friday it was working with law enforcement to determine the extent of a computer systems breach and was yet to determine if the incident would have a material impact on its business. The $23-billion company became aware of the cyber attack on Wednesday, it said in its first ...