Adversaries Embed AI Into Live Attack Workflows

Google Cloud's AI Threat Tracker and Google Threat Intelligence Group recently report that adversaries are increasingly integrating AI into active cyberattacks, with rising model-extraction ('distillation') attempts and malware calling commercial models like Gemini via API. The assessment documents state-aligned and criminal actors automating reconnaissance, vulnerability mapping, and tailored social engineering, signaling a shift toward operationalized AI threats that complicate detection and protection strategies.