Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Industry 4.0: Computer Numerical Controls (CNC) Machine Security Risks – Part 1
November 29, 2022
Computer numerical controls (CNCs) are machines used to produce products in a factory setting. They have been in use for many years, and in the last decade, their use has become more widespread due to increased connectivity. This increased connectivity has made them more software-dependent and therefore more vulnerable to attacks. This vulnerability is due ...
- CISA Releases Seven Industrial Control Systems Advisories
November 29, 2022
CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-333-01 Mitsubishi Electric GOT2000 ICSA-22-333-02 Hitachi Energys IED Connectivity Packages and PCM600 Products ICSA-22-333-03 Hitachi ...
- Criminals use trending TikTok challenge to make data-stealing malware invisible
November 29, 2022
Malware-slinging miscreants are taking advantage of a trending TikTok challenge — and viewers’ dirty minds — to spread data-stealing malware via a phony app that’s had more than one million views so far. The new TikTok trend is called Invisible Challenge, and it involves a person filming themself naked while using an effect called Invisible Body ...
- Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
November 28, 2022
Mandiant Managed Defense recently identified cyber espionage activity that heavily leverages USB devices as an initial infection vector and concentrates on the Philippines. Mandiant tracks this activity as UNC4191 and we assess it has a China nexus. UNC4191 operations have affected a range of public and private sector entities primarily in Southeast Asia and extending to ...
- Over a million user accounts ‘stolen’ in South Africa
November 28, 2022
Cyber security firm Kaspersky has warned that over a million company user accounts were compromised using a ‘data stealer’ in South Africa since 2021, and that the data may well have ended up on forums and markets on the dark web. The company said the average price that criminals charge for access to corporate systems in ...
- Major Twitter hack sees 5.4 million phone numbers and email addresses leaked on the dark web
November 28, 2022
More than 5.4 million Twitter user records, including personal phone numbers and email addresses, are up for grabs on the dark web in a massive data dump that some believe the Elon Musk-owned firm is attempting to cover up. The data dump was identified by Chad Loder, the founder of cyber security awareness company Habitu8, who ...