Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ukraine-Linked Group Claims It Hacked Website Of Moscow Property Registration Bureau
August 7, 2023
A Ukraine-linked hacker group said on Telegram on August 7 that it had hacked the website of Moscow’s municipal property registration bureau (MosgorBTI) overnight, saying “the information about state officials, politicians, military, and special services officers who support the Ukraine war had been handed to Ukraine’s defense forces.” The MosgorBTI’s website has yet to comment on ...
- Cyberattack disrupted hospitals, health care in Pennsylvania, 4 other states
August 6, 2023
Hospitals and clinics in several states on Friday began the time-consuming process of recovering from a cyberattack that disrupted their computer systems, forcing some emergency rooms to shut down and ambulances to be diverted. Many primary care services at facilities run by Prospect Medical Holdings remained closed on Friday as security experts worked to determine the ...
- FBI Investigating Cyber Attack Affecting Connecticut Hospitals
August 4, 2023
“Prospect Medical Holdings Inc. recently experienced a data security incident that has disrupted our operations,” said Nina Kruse, ECHN’s vice president for communications and public affairs. “Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” she said. The FBI’s field office in New ...
- CISA Releases Five Industrial Control Systems Advisories
August 3, 2023
CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-215-01 Mitsubishi Electric GOT2000 and GOT SIMPLE ICSA-23-215-02 Mitsubishi Electric GT and GOT Series Products Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
August 3, 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners are releasing a joint Cybersecurity Advisory (CSA), 2022 Top Routinely Exploited Vulnerabilities. This advisory provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2022, and the associated Common ...
- What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
August 3, 2023
The malware landscape keeps evolving. New families are born, while others disappear. Some families are short-lived, while others remain active for quite a long time. In order to follow this evolution, Kaspersky researchers rely both on samples that they detect and their monitoring efforts, which cover botnets and underground forums. While doing so, the researchers found ...