Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature of the current threat environment where AI serves as both a sophisticated engine for adversary operations and a high-value target for attacks. We explore the following developments: Vulnerability Discovery and Exploit Generation; AI-Augmented Development for Defense Evasion; Autonomous Malware Operations; AI-Augmented Research and IO: Obfuscated LLM Access; Supply Chain Attacks.
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique
April 1, 2020
A new campaign is spreading the LimeRAT Remote Access Trojan by harnessing an old encryption technique in Excel files. LimeRAT is a simple Trojan designed for Windows machines. The malware is able to install backdoors on infected machines and encrypt files in the same way as typical ransomware strains, add PCs to botnets, and install cryptocurrency ...
- Holy water: ongoing targeted water-holing attack in Asia
March 31, 2020
On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot since ...
- SilverTerrier: 2019 Nigerian Business Email Compromise Update
March 31, 2020
In 2019, Business Email Compromise (BEC) maintained its rankings as both the most profitable and the most prominent threat facing our customers. According to the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3), which recently released its annual report, US$1.77 billion in losses were attributed to BEC attacks over the course of 2019. This number ...
- Nation-State Attacks Drop in Latest Google Analysis
March 30, 2020
Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products. Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost 40,000 warnings – which, while a large number, is still a ...
- Zeus Sphinx Banking Trojan Arises Amid COVID-19
March 30, 2020
According to researchers Amir Gandler and Limor Kessem at IBM X-Force, Sphinx (a.k.a. Zloader or Terdot) began resurfacing in December. However, the researchers observed a significant increase in volume in March, as Sphinx’s operators looked to take advantage of the interest and news around government relief payments. First seen in August 2015, Sphinx is a modular ...
- A mysterious hacker group is eavesdropping on corporate email and FTP traffic
March 28, 2020
Since at least early December 2019, a mysterious hacker group has been taking over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks, Chinese security firm Qihoo 360 said today. In a report published on the blog of its network security division Netlab, Qihoo said its researchers detected two different threat actors, each exploiting ...