 |
The Cyber Threat PerspectiveAuthor: SecurIT360
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. Were bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.brad@securit360.com Language: en-us Genres: Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
Episode 181: AI Zero Days (Google Threat Intelligence Report)
Episode 181
Tuesday, 12 May, 2026
Brad and Spencer break down Google Threat Intelligence Group's latest report on how adversaries are weaponizing AI across the entire attack lifecycle.The big takeaway isn't that AI has magically replaced attackers, but that it's making certain workflows faster, more scalable, and more repeatable. More importantly, AI platforms, agent skills, integrations, and dependencies are now becoming targets themselves.Topics covered include:AI for vulnerability discovery and exploit development: Google's first confirmed case of a zero-day exploit developed entirely with AI, including intentional prompts like "You are currently a network security expert specializing in embedded devices"Claude skills weaponization: A distilled knowledge base of over 85,000 real-world vulnerability cases integrated into AI research workflowsAutomation and scaled research: APT45 sending thousands of repetitive prompts to recursively analyze CVEs and validate proof-of-concept exploitsAI-powered obfuscation techniques: Dynamic modification, evasive payload generation, and decoy logic using Gemini API for just-in-time VBScript obfuscationAutonomous attack orchestration: Moving beyond content generation into sophisticated malware command automation, including PromptSpy navigating Android UI for persistenceAI-enhanced reconnaissance: Generating detailed organizational hierarchies and third-party relationships for high-value targets in finance, security, and HR departmentsInformation operations and deepfakes: Taking legitimate journalist videos, editing in fabricated content, and adding AI-generated voiceoversAttacking AI dependencies: TeamPCP (UNC6780) targeting AI environments as initial access vectors, including March 2026 supply chain attacks on Trivy, Checkmarx, and LiteLLMThe Mini Shai-Hulud worm: May 2026 attacks targeting AI infrastructure and dependenciesDefensive fundamentals: Why inventory, zero trust principles, and behavioral monitoring matter more than everBrad and Spencer emphasize that while the threat landscape is evolving rapidly, doubling down on foundational security practices remains the most effective defense strategy.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpovFollow Spencer on social ⬇Spencer's Links: https://spenceralessi.comWork with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
