Nation-State Threat Actors Incorporate AI to Streamline Attacks

Researchers at Google’s Threat Intelligence Group (GTIG) warn that nation-state threat actors have adopted Gemini and other AI tools as essential components of their operations. The threat actors are using tools to conduct research and reconnaissance, target victims, and rapidly create phishing lures.

Fake Video Meeting Invites Trick Users Into Installing RMM Tools

Threat actors are using phony meeting invites for Zoom, Microsoft Teams, Google Meet, and other video conferencing applications to trick users into installing remote monitoring and management (RMM) tools, according to researchers at Netskope. The invites lead to convincingly spoofed landing pages for fake video meetings, complete with a list of coworkers who have supposedly already joined the call. The page instructs the user to install a software update in order to join the video meeting.

Introducing the AIDA Orchestration Agent: Always-On Human Risk Management Has Arrived

Social engineering remains the most reliable way into an organization—and attackers are getting better at it every day. According to the 2025 Verizon Data Breach Investigations Report, up to 68% of breaches involve social engineering. AI has only widened the gap. More than 95% of cybersecurity professionals say AI-generated phishing is harder to detect, and Microsoft reports that AI-generated phishing emails are 4.5x more successful than manually created ones.

What Happens If I Click A Phishing Link?

Phishing is the most prominent form of cyber-attack, regularly prompting email recipients to disclose personal information or credentials, download malware, or pay fraudulent invoices. Phishing can result in cybercriminals gaining unauthorized access to organizations’ data, network systems, or applications. People can be understandably alarmed once they realize they’ve clicked on a phishing link.

Humans Will Give AI Anything If You Make It Sound Cool Enough

There's a beautiful moment happening right now, and by "beautiful" I mean "horrifying in that can't-look-away-from-the-car-crash sense". People are giving OpenClaw access to, well, pretty much their entire lives. The results are exactly what you'd expect… One user gave his agent $500 and watched it create 25 trading strategies, generate 3,000+ reports, build 10 new algorithms, scan every post on X, and trade 24/7 non-stop. The result? It lost everything. Not most of it. Everything.

AI-Assisted Social Engineering Attacks Continue to Rise

Social engineering remained the top initial access vector for cyberattacks in 2025, with increasing assistance from AI tools, according to a report from ThreatDown. The researchers warn that AI will likely become a core component of social engineering attacks throughout 2026. “Deepfake voice, image, and video impersonation now requires minimal expertise and only a handful of reference images or seconds of audio,” the researchers write.

Report: AI-Driven Fraud Surged by 1200% in December 2025

AI-driven fraud attacks spiked by more than 1200% in December 2025, according to a new report by Pindrop Security. Threat actors are using AI to assist in every stage of the attack, from deploying bots to conduct reconnaissance to using deepfakes to trick humans. “According to Pindrop internal data, AI fraud (or non-live fraud) surged 1210% by December 2025,” the researchers write.

Welcome to the Blur: Designing Security That Works With, Not Against, AI Adoption

There's a moment in every security professional's career when they realise the game has fundamentally changed. Mine came last Tuesday at 3:47 PM, watching my colleague Erich argue with an AI agent about expense policy while simultaneously being phished by what I'm 87% certain was another AI agent pretending to be from IT. We’ve spent decades building security models around a simple premise: humans work here, threats exist out there, and our job is to build bigger walls between the two.

Warning: Attackers Are Using DKIM Replay Attacks to Bypass Security Filters

Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya’s INKY. The attackers have used this technique to impersonate PayPal, Apple, DocuSign, HelloSign, and others. “These platforms often allow users to enter a ‘seller name’ or add a custom note when creating an invoice or notification,” the researchers write.