Threat Intelligence

Frontline Mandiant investigations, expert analysis, tools and guidance, and in-depth security research.
Threat Intelligence
[
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
Explore GTIG's 2026 report on how adversaries leverage AI for zero-day exploits, autonomous malware, and industrial-scale cyber operations.
By Google Threat Intelligence Group • 33-minute read
[

Threat Intelligence RSS Feed
Want to keep up-to-date on the latest Threat Intelligence posts? Add the Threat Intelligence RSS feed URL to your RSS reader today.
Threat Intelligence RSS feed URL
[
Threat Intelligence
Welcome to BlackFile: Inside a Vishing Extortion Operation
By Google Threat Intelligence Group • 16-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/blackfile-vishing-extortion-operation)
[
Threat Intelligence
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
By Mandiant • 26-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware)
[
Threat Intelligence
Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever
By Francis deSouza • 13-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/defending-enterprise-ai-vulnerabilities)
[
Threat Intelligence
The German Cyber Criminal Überfall: Shifts in Europe's Data Leak Landscape
By Google Threat Intelligence Group • 5-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/europe-data-leak-landscape)
[
Threat Intelligence
vSphere and BRICKSTORM Malware: A Defender's Guide
By Mandiant • 62-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/vsphere-brickstorm-defender-guide)
[
Threat Intelligence
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
By Google Threat Intelligence Group • 16-minute read
[
Threat Intelligence
M-Trends 2026: Data, Insights, and Strategies From the Frontlines
By Jurgen Kutscher • 8-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2026)
[
Threat Intelligence
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
By Google Threat Intelligence Group • 34-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain)
[
Threat Intelligence
Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape
By Google Threat Intelligence Group • 53-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/ransomware-ttps-shifting-threat-landscape)
[
Threat Intelligence
Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition
By Mandiant • 222-minute read
](https://cloud.google.com/blog/topics/threat-intelligence/preparation-hardening-destructive-attacks)