Threat Intelligence

Cloud logo

Frontline Mandiant investigations, expert analysis, tools and guidance, and in-depth security research.

Threat Intelligence

[

GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

](https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access)

Explore GTIG's 2026 report on how adversaries leverage AI for zero-day exploits, autonomous malware, and industrial-scale cyber operations.

By Google Threat Intelligence Group • 33-minute read

Read article

[

https://storage.googleapis.com/gweb-cloudblog-publish/images/03_ThreatIntelligenceWebsiteBannerIdeas_BA.max-1800x1800.png

](https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access)

Threat Intelligence RSS Feed

Want to keep up-to-date on the latest Threat Intelligence posts? Add the Threat Intelligence RSS feed URL to your RSS reader today.

Threat Intelligence RSS feed URL

[

Threat Intelligence

Welcome to BlackFile: Inside a Vishing Extortion Operation

By Google Threat Intelligence Group • 16-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/blackfile-vishing-extortion-operation)

[

Threat Intelligence

Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite

By Mandiant • 26-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware)

[

Threat Intelligence

Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever

By Francis deSouza • 13-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/defending-enterprise-ai-vulnerabilities)

[

Threat Intelligence

The German Cyber Criminal Überfall: Shifts in Europe's Data Leak Landscape

By Google Threat Intelligence Group • 5-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/europe-data-leak-landscape)

[

Threat Intelligence

vSphere and BRICKSTORM Malware: A Defender's Guide

By Mandiant • 62-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/vsphere-brickstorm-defender-guide)

[

Threat Intelligence

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack

By Google Threat Intelligence Group • 16-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package)

[

Threat Intelligence

M-Trends 2026: Data, Insights, and Strategies From the Frontlines

By Jurgen Kutscher • 8-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2026)

[

Threat Intelligence

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors

By Google Threat Intelligence Group • 34-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain)

[

Threat Intelligence

Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape

By Google Threat Intelligence Group • 53-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/ransomware-ttps-shifting-threat-landscape)

[

Threat Intelligence

Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition

By Mandiant • 222-minute read

](https://cloud.google.com/blog/topics/threat-intelligence/preparation-hardening-destructive-attacks)