Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cybercrime groups restructuring after major takedowns
July 6, 2024
Cybercrime gangs are looking to rebuild with new tactics after global police operations this year made a huge dent in their activities, experts have told AFP. The gangs have had a bad year so far, with law enforcement operations taking out some of prominent groups including LockBit, a loose network of largely Russian-speaking cyber criminals. LockBit ...
- OpenAI breach is a reminder that AI companies are treasure troves for hackers
July 5, 2024
There’s no need to worry that your secret ChatGPT conversations were obtained in a recently reported breach of OpenAI’s systems. The hack itself, while troubling, appears to have been superficial — but it’s reminder that AI companies have in short order made themselves into one of the juiciest targets out there for hackers. The New York ...
- Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour
July 5, 2024
The cybercriminals who claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift’s ERAS Tour. In a post on ...
- India’s Airtel dismisses data breach reports amid customer concerns
July 5, 2024
Airtel, India’s second-largest telecom operator, on Friday denied any breach of its systems following reports of an alleged security lapse that has caused concern among its customers. The telecom group, which also sells productivity and security solutions to businesses, said it had conducted a “thorough investigation” and found that there has been no breach whatsoever into ...
- Yet another top US healthcare service provider has been hacked, with patient data exposed
July 4, 2024
Following the likes of ChangeHealthcare, Kaiser, Cencora, and several others during the past few months, another major US healthcare service has reported suffering a cyberattack that resulted in the theft of sensitive patient data. This latest victim is HealthEquity, which was on the receiving end of an apparent supply chain attack. In an 8-K form, filed ...
- Cyber extortion sees huge rise – and small businesses are four times more likely to be hit
July 4, 2024
Cyber extortion remains the most prominent threat facing businesses of all sizes across all industries, a new report from Orange Cyberdefense has found. The 2024 Cy-Explorer report worryingly uncovered that the number of victims of cyber extortion scams has grown by 77% year on year. In Q1 of 2024 alone, there were 1,046 organizations that were ...