Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
October 20, 2020
Adobe has released 18 out-of-band security patches in 10 different software packages, including fixes for critical vulnerabilities that stretch across its product suite. Adobe Illustrator was hit the hardest. There are 16 critical bugs, all of which allow arbitrary code execution in the context of the current user. They affect Adobe Illustrator, Adobe Animate, Adobe After ...
- Cisco warns of attacks targeting high severity router vulnerability
October 20, 2020
Cisco today warned of attacks actively targeting the CVE-2020-3118 high severity vulnerability found to affect multiple carrier-grade routers that run the company’s Cisco IOS XR Software. The IOS XR Network OS is deployed on several Cisco router platforms including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers. Read more… Source: Bleeping Computer
- TrickBot malware under siege from all sides, and it’s working
October 20, 2020
The Trickbot malware operation is on the brink of completely shutting down following efforts from an alliance of cybersecurity and hosting providers targeting the botnet’s command and control servers. Initial disruption actions seemed to leave the botnet unphased as its operators were able to rebuild the infrastructure and the network of infected computers. Although the battle is ...
- Vizom malware uses remote overlay attacks to hijack your bank account
October 19, 2020
Researchers have uncovered a new form of malware using remote overlay attacks to strike Brazilian bank account holders. The new malware variant, dubbed Vizom by IBM, is being utilized in an active campaign across Brazil designed to compromise bank accounts via online financial services. On Tuesday, IBM security researchers Chen Nahman, Ofir Ozer, and Limor Kessem said ...
- Mysterious ‘Robin Hood’ hackers donating stolen money
October 19, 2020
A hacking group is donating stolen money to charity in what is seen as a mysterious first for cyber-crime that’s puzzling experts. Darkside hackers claim to have extorted millions of dollars from companies, but say they now want to “make the world a better place”. In a post on the dark web, the gang posted receipts for ...
- Phishing for secrets: Russian cyber experts believe defense industry is being attacked by North Korea
October 19, 2020
A hacker group from North Korea has been attacking Russian military and industrial organizations by sending fraudulent emails, according to cybersecurity experts, who believe that Pyongyang is beginning to cast its net wider. This may come as a surprise to some, as Russia is one of very few countries with no hostility towards Pyongyang, which has ...