Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hundreds of museums hit by cyber attack
January 8, 2024
Hundreds of art institutions and museums have been affected by a cyber attack on the Gallery Systems software company, with those impacted having used the software to organise their online archives. Last month, Gallery Systems informed its clients that computers using its software had become encrypted and could no longer operate. They launched an investigation, enlisted ...
- Lebanon: Beirut airport screens come under cyberattack
January 8, 2024
Beirut airport on Sunday came under a cyberattack, Lebanon’s state news agency said, with footage shared by local media showing anti-Hezbollah messages had replaced screen displays at its terminal. Lebanon’s National News Agency said “the cyberattack on the departure and arrival screens at the airport disrupted the BHS baggage inspection system.” It added that authorities were ...
- Explained: SMTP smuggling
January 7, 2024
SMTP smuggling is a technique that allows an attacker to send an email from pretty much any address they like. The intended goal is email spoofing—sending emails with false sender addresses. Email spoofing allows criminals to make malicious emails more believable. Let’s take a closer look at what it is exactly, and how cybercriminals can use ...
- Bangladesh: Cyber attack on Smart Election Commission app from two countries
January 7, 2024
A cyber attack has been carried out on the app ‘Smart Election Management BD’ of the Election Commission (EC) from Ukraine and Germany, said EC Secretary Md Jahangir Alam on Sunday. He told the media that the Election Commission (EC) had created a mobile application which was providing real-time voting information. However, voters were complaining since ...
- Top legal firm specializing in data breaches…hit by data breach
January 6, 2024
Top legal firm that specializes in helping other organizations in the aftermath of a data breach has ironically suffered one such incident itself. Orrick, Herrington & Sutcliffe has sent out a breach notification letter to affected individuals, confirming it had been the victim of an intrusion that happened in March 2023. Read more… Source: MSN News
- Freight giant Estes confirms data breach, but says it won’t pay ransom
January 5, 2024
The October 2023 cyberattack against Estes Express Lines was indeed ransomware, but the company has paid no ransom demand as yet. The company confirmed the news in an email recently sent to affected customers. As per the email, sent to roughly 21,000 people, threat actors accessed the company’s IT infrastructure on October 1, 2023, and managed ...