Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- JPMorgan spends $15 billion a year on technology, given the risk of a data breach
January 17, 2024
JPMorgan Chase’s banking systems are attacked by hackers 45 billion a day, double what it saw a year earlier. The nation’s largest bank spends $15 billion a year on technology, given the risk of a data breach and the potentially devastating consequences of a successful cyber attack, Mary Callahan Erdoes, chief executive of the bank’s Asset ...
- Ivanti vulnerabilities now actively exploited in massive numbers
January 17, 2024
The researchers that discovered the active exploitation are warning that these attacks are now very widespread. The fact that there are no patches available and users were asked to apply a workaround and monitor their network traffic for suspicious activity, may have contributed to the slow response to the sounded alarms. Almost 7000 devices remain vulnerable ...
- PSA: Anyone can tell if you are using WhatsApp on your computer
January 17, 2024
Anyone who knows your WhatsApp number can figure out if you are only using the mobile app, or its companion web or desktop apps, a security researcher found. Tal Be’ery, the co-founder and CTO of crypto wallet maker ZenGo, found that it’s possible to determine whether a user on WhatsApp is using more than just the ...
- New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
January 17, 2024
Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, Mint Sandstorm used bespoke phishing lures in an attempt to socially engineer targets into downloading ...
- Majorca: Calvià City Council hit by €10million ransom demand
January 17, 2024
Saturday witnessed a cyberattack on the Spanish city of Calvià in Majorca, with hackers now demanding 10 million euros to be paid to restore functionality to integral systems. The Calvià City Council website has been offering updates on the situation, saying the local authority is “working to recover normality as soon as possible, after having been ...
- Binge & Dan Murphys Among Major Brands Hit By Cyber Attack
January 17, 2024
Thousands of retail customers have fallen victim to a hacking scheme where scammers access their online accounts to make fraudulent transactions. Local scammers, having bought online login details from overseas cybercriminals, bragged in a chat online about purchasing iPhones, clothing and alcohol (almost $800 worth) with strangers’ money. The Iconic, an online retailer, said last week ...