CP
cyberpings
Threat IntelHIGH

AI Threats Surge: Cybercriminals Exploit New Technologies

MAMandiant Threat Intel
AIGTIGmalwarephishingdistillation attacks
🎯

Basically, cybercriminals are using AI to make their attacks faster and smarter.

Quick Summary

Cybercriminals are ramping up their use of AI for attacks. Organizations worldwide are at risk as AI tools become more sophisticated. This surge in AI threats could lead to significant data breaches and financial losses. Google is actively working to disrupt these malicious activities.

What Happened

In a startling update, the Google Threat Intelligence Group (GTIG) has reported a significant rise in the use of artificial intelligence (AI) by cybercriminals. By the end of 2025, threat actors have increasingly integrated AI into their attack strategies, enhancing their productivity in areas like reconnaissance, social engineering, and malware? development. This report builds on findings from November 2025, highlighting how AI tools are evolving in the hands of malicious actors.

The report reveals that model extraction attempts, known as "distillation attacks?," are becoming more common. This method allows attackers to steal intellectual property? by exploiting vulnerabilities in AI models, violating Google's terms of service. Although GTIG has successfully disrupted many of these attacks, the threat remains, especially from private sector entities and researchers trying to replicate proprietary AI logic. Notably, government-backed actors from countries like North Korea, Iran, China, and Russia are utilizing large language models (LLMs)? for sophisticated phishing? schemes and technical research.

Why Should You Care

You might think AI is just a tool for tech companies, but it’s also a weapon in the hands of cybercriminals. Imagine if your bank account was targeted by an AI that can craft convincing phishing? emails just for you. This is not just a distant threat; it’s happening now. As organizations increasingly rely on AI, the risk of their proprietary information being stolen grows.

If you're using AI in your business or personal projects, you need to be aware of these risks. Just like locking your doors at night, you must take steps to protect your digital assets. The implications of an AI-powered attack could lead to financial losses, data breaches, and a loss of trust in your services. Understanding these threats is crucial for safeguarding your information.

What's Being Done

In response to these rising threats, GTIG is actively working on several fronts to combat malicious AI use. They are taking proactive measures to disrupt model extraction activities and improve their AI models to make them less susceptible to misuse. Here’s what you can do right now:

  • Stay informed about the latest AI threats and best practices.
  • Implement robust security measures for any AI systems you use.
  • Regularly update your defenses to counteract evolving attack methods.

Experts are closely monitoring how these AI-enabled threats evolve and are prepared to adapt their defenses accordingly. The landscape is changing rapidly, and staying ahead of these threats is essential for anyone involved in technology today.

💡 Tap dotted terms for explanations

🔒 Pro insight: The rise of distillation attacks signals a shift in threat actor tactics, warranting immediate attention from organizations leveraging AI technologies.

Original article from

Mandiant Threat Intel

Read Full Article

Share

Related Pings

HIGHThreat Intel

Threat Intel - AiTM Phishing Kit Hijacks AWS Accounts

Hackers are using an AiTM phishing kit to hijack AWS accounts. Meanwhile, a year-long malware campaign is targeting HR departments, posing serious risks to sensitive data. Organizations must act swiftly to bolster their defenses.

Help Net Security·
HIGHThreat Intel

Storm-2561 Campaign Targets Users with Fake VPN Sites

Storm-2561 is tricking users into downloading fake VPN software. This affects anyone searching for trusted VPN clients. The risk includes stolen corporate credentials and potential data breaches. Stay vigilant and verify software sources.

Security Affairs·
HIGHThreat Intel

Operation Synergia III: 45,000 Malicious IPs Taken Down Globally

INTERPOL's Operation Synergia III dismantled 45,000 malicious IPs and arrested 94 suspects. This global effort highlights the growing threat of cybercrime. Authorities are committed to ongoing investigations and collaboration to combat these issues.

Security Affairs·
HIGHThreat Intel

Massive Crackdown on 45,000 Malicious IPs Behind Ransomware

In a historic crackdown, INTERPOL and 72 nations shut down over 45,000 malicious IPs linked to cybercrime. This operation highlights the global effort to combat ransomware and phishing attacks. With numerous arrests and seized servers, authorities are making strides to dismantle cybercriminal networks.

Cyber Security News·
HIGHThreat Intel

AI Phishing Attacks Surge with Malicious SVGs Post-Holiday

AI phishing attacks have surged post-holidays, with a 50-fold increase in malicious SVGs. Many users are affected as attackers impersonate trusted entities. This evolving threat highlights the need for enhanced email security measures.

SC Media·
HIGHThreat Intel

Europol Shuts Down Major Phishing Platform: Tycoon 2FA

Europol and vendors have taken down the Tycoon 2FA phishing platform. This operation disrupts a major threat to users. Stay alert and protect your data from phishing scams.

Proofpoint Threat Insight·