版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
TABLEOF
CONTENTS.
·AITHREATLANDSCAPEREPORT2026
ExecutiveSummary
3
AIPhishing&SocialEngineering
5
HowthreatactorsareusingAIinPhishing&socialengineeringattacks
7
AIPhishingIsOutpacingDefenderCapacity
8
NotableAttackCases
10
AI-assistedMalwareAttacks
11
NotableMalwareCases
12
ThreatActorsOperationalizingAIAcrossCampaignWorkflows
15
NotableThreatActorsUsingAIinCampaigns
18
TheuseofAIbyFinancially&IdeologicallyMotivatedThreatActors
23
SupplyChainAttacks:PoisoningtheEcosystemfromtheInside
28
MaliciousAIModelsandPackagesinOpenEcosystems
29
TeamPCPSupplyChainCompromise
30
MaliciousSkillsinAIAgentMarketplaces
30
AICodingAgentDependencyPoisoning
31
AI-SpecificVulnerabilities
32
PromptInjection
33
JailbreakingandGuardrailBypass
33
DataPoisoningandTrainingDataAttacks
33
MemoryandContextManipulation
34
AgenticAIExploitation
34
RAGandVectorStorePoisoning
34
APIandAccessControlAbuse
34
AdversarialInputs
35
AIImpersonationAttacks:MalwareandPhishingCam-paignsAbusingAIBrandTrust
36
NotableIncidents
37
DarkAIMarketplace:UndergroundLLMServicesSoldtoCy-bercriminals
40
ClosingThoughts
44
References
45
2
©2026CybleInc.Allrightsreserved.
AITHREATLANDSCAPEREPORT2026
©2026CybleInc.Allrightsreserved.3
EXECUTIVESUMMARY
Thecyberthreatlandscapehasenteredanewphase,onedefinednotby
thesophisticationofindividualattackersbutbytheindustrializationofattack
operations.AIhasmovedfromanexperimentalcapabilityintooperational
infrastructure,anditsimpactisnowvisibleacrosseverymajorcategoryof
cyberthreat.
Threatactorsarenotreinventingtheirplaybooks;theyarecompressingthemosttime-consumingparts.Reconnaissancethatoncetookdays,phishingcontentthatoncerequirednative-languagespeakers,malwarethatoncedemandedskilleddevelopers,andsocialengineeringthatoncedependedondirecthumaninteractionareallbeingacceleratedbyAItoolsthatarewidelyaccessible,inexpensive,andincreasinglyindistinguishablefromlegitimateuse.
Acrossalldisruptedoperations,noevidencehasbeenfoundthatAIprovidesthreatactorswithnovelcapabilitiestheycouldnototherwiseobtain,buttheaccelerationitselfhassignificantconsequencesfordefenders.
Thisreportexamineshowthatshiftisplayingoutacrosseightinterconnectedthreatareas.AIisbeingweaponizedacrosstheentireattacklifecycle,fromAI-generatedphishinganddeepfakesocialengineeringtoLLM-assistedmalwaredevelopment,runtimecodegeneration,andself-rewritingevasiontechniques.
Nineteenconfirmedthreatactorgroups,spanningRussian,Chinese,Iranian,
NorthKorean,andfinanciallymotivatedcriminaloperators,havebeen
observedintegratingAIintotheircampaigns,usingitforreconnaissance,lure
generation,vulnerabilityresearch,malwaredevelopment,andtrusted-service
abuse.
Atthesametime,theAIsupplychainhasbecomeanactiveattacksurface,
withthreatactorspoisoningmodelrepositories,compromisingCI/CDpipelines,
manipulatingagentskillmarketplaces,andengineeringmaliciouspackages
specificallydesignedtodeceiveAIcodingassistantsratherthanhuman
developers.
AITHREATLANDSCAPEREPORT2026
©2026CybleInc.Allrightsreserved.4
AIsystemsthemselvesarenowprimarytargets.Thevulnerabilitiesbeingexploited,promptinjection,jailbreaking,datapoisoning,memorymanipulation,agenticexploitation,RAGpoisoning,andAPIabuse,donotrequireexploitingtraditionalsoftwareflaws.
Theyrequireunderstandinghowamodelprocessesinstructions,retrievesinformation,storescontext,andinteractswithconnectedtools.Inparallel,threatactorsareexploitingthetrustusersplaceinAIbrands,impersonatingChatGPT,Claude,DeepSeek,andGeminithroughfakeinstallersites,maliciousbrowserextensions,andsharedconversationlinkshostedontrustedAIplatformdomains.
UnderpinningallofthisisastructuredundergroundAImarketplacewhere
purpose-builtmaliciousmodels,jailbrokencommercialwrappers,andspecialist
attack-as-a-serviceplatformsaresoldthroughdarkwebforums,Telegram
channels,andprivatenetworks,usingsubscriptionmodels,lifetimelicenses,
andone-timeflatfeesthatmakeAI-assistedattackcapabilityaccessibleto
anyoperatorregardlessoftechnicalskill.
WhatstartedasahandfulofexperimentaltoolshasmaturedintoacriminalecosystemthatmirrorsthecommercialmechanicsoflegitimateSaaS,withversionedproductupdates,tieredpricing,anddedicatedsupportcommunities.
Theconvergenceofthesetrendsdefinesthecurrentthreatenvironment.AIisnotsimplyaddingnewtoolstoattackerplaybooks;itisconnectingandacceleratingtheentireoperation.
Organizationsthathavenotyetupdatedtheirsecuritystrategiestoaccount
forAI-enabledthreatsfacealandscapewherethequalityfloorofattackshas
risensharply.Thetechnicalbarriertoentryhasdroppedsignificantly,andthe
defenders’traditionaldetectionsignals,suchaspoorgrammar,knownmalware
signatures,andrecognizableattackinfrastructure,arebecomingunreliable.
Aneffectiveresponserequiresafundamentalrethinkofhowsecurityteams
detectthreats,validateidentities,governAI-integratedworkflows,andbuild
resilienceagainstattackchainsthatcombinemultipleAI-enabledtechniques
inasingleoperation.
AITHREATLANDSCAPEREPORT2026
AIPHISHING&SOCIALENGINEERING
©2026CybleInc.Allrightsreserved.5
·AITHREATLANDSCAPEREPORT2026
Phishinghaslongbeenthemostcommonandcostlyentrypointforcyberattacks.AIhasnotchanged
thatreality;ithasmadeitsignificantlyworse.WhatAIintroducesisnotanewtypeofattackbutadramatic
improvementinthequality,speed,andscaleatwhichexistingattackscanbeexecuted.
Defendersthatoncereliedonspottingpoorgrammar,awkwardphrasing,orgenerictemplatesnowfacecampaignsthatarepolished,contextuallyaware,andpersonalizedatscale.
ThescaleofAI’simpactonphishingisnolongerspeculative.Datafromacrosstheindustrypaintsaconsistentpictureofacceleration:
AIPHISHINGBYTHENUMBERS
KeyindicatorsshowingtherapidgrowthandeffectivenessofAI-drivenphishing
nl
1,265%
spike
Phishingattackshave
increasedby1,265%since
ChatGPT'slaunchinlate
2022,markingoneofthe
sharpestescalationsin
thehistoryofthe
82.6%
14xsurge
InDecember2025,
AI-generatedphishing
attackssurged14x,with
theirshareofallreported
attacksrisingfrom4%to
56%overtheholiday
season-atrendthat
continuedinto2026.
24-54%
moreeffective
82.6%ofphishingemails
nowcontain
AI-generatedelements,
showinghowdeeply
automatedtoolinghas
becomeembeddedin
attackworkflows.
AIphishingisnow24-54%
moreeffectivethan
traditionalhuman-crafted
methods,withAI-generated
emailsachievinga54%
click-throughrate
comparedto12%for
manual
AIisreshapingphishingatscale-faster,moreconvincing,andfarmoreeffective.
•InDecember2025,AI-generatedphishingattackssurged14x,withtheirshareofallreportedattacksjumpingfrom4%to56%overtheholidayseason,atrendthatheldinto2026.
•AIphishingisnow24–54%moreeffectivethantraditionalhuman-craftedmethods,withAI-generatedemailsachievinga54%click-throughratecomparedtojust12%formanualattempts.
•82.6%ofphishingemailsnowcontainAI-
generatedelements,reflectinghowdeeply
automatedtoolinghasembeddeditselfinto
attackworkflows.
•Phishingattackshavespiked1,265%sinceChatGPT’slaunchinlate2022,markingoneofthesharpestescalationsinthehistoryofthethreat.
©2026CybleInc.Allrightsreserved.6
©2026CybleInc.Allrightsreserved.7
AITHREATLANDSCAPEREPORT2026
HowTHREATAcToRsAREUslNBAllNPHlsHlNB&SoclALENBlNEERlNBATTAcks
AIisenhancingphishing,socialengineering,andattackpreparation
<>
3.AI-generatedphishingkits
InNovember2025,a
phishingkittrackedas
COINBAITwasidentified,
withdevelopmentlikely
acceleratedbyAI
code-generationtools.
Itimpersonatedamajor
cryptocurrency
exchangeanduseda
polishedReact
singleapplication
builtwithLovableAIto
harvestcredentials.
4.Deepfake-enabledsocialengineering
Threatactorsare
cloningexecutive
voicesandvideo
footagetosupport
fraudandtargeted
intrusions.Inone
February2024case,
deepfake
impersonation
contributedtoa$25.6
millionfraud,showing
howfakevideocalls
andAI-generated
personasarebecoming
operationaltools.
2.Luregenerationandpersonalization
LLMshelpgenerate
hyper-personalized,
culturallynuancedlures
thatmirrorthetoneofa
targetorganizationor
locallanguage.This
reducesthe
grammaticaland
contextualerrors
defendershave
historicallyreliedonto
spotphishingattempts.
1.Reconnaissance
andtargetdevelopment
ThreatactorsuseLLMsto
rapidlysynthesize
open-sourceintelligence,
profilehigh-valuetargets,
identifykey
decision-makers,andmap
organizationalhierarchies.
Thisresearchhelps
attackersbuildphishing
luresusingjobtitles,project
names,reporting
relationships,andrealistic
communicationstyles,
compressingdaysof
manualworkintohours.
Reconnaissanceandtargetdevelopment
AIistransformingthepreparationphasethat
makesphishingattackscredibleinthefirst
place.State-sponsoredactorsareusingLLMs
torapidlysynthesizeopen-sourceintelligence,
profilehigh-valuetargets,identifykeydecision-
makerswithindefensesectors,andmap
organizationalhierarchies.
Theoutputofthatresearchfeedsdirectlyintophishinglures,personalizedwithjobtitles,internalprojectnames,reportingrelationships,andcommunicationstylesthatmakemessagesappeartocomefromaknownandtrustedsourceratherthananunknownattacker.
Whatoncetookateamdaysofmanualresearchcannowbecompletedbyasingleoperatorinhours,beforeasinglephishingemailissent.
Luregenerationandpersonalization
LLMsallowthreatactorstogeneratehyper-personalized,culturallynuancedluresthatmirrortheprofessionaltoneofatargetorganizationorlocallanguage,largelyerasingthegrammatical
andcontextualtellsthatdefendershavehistoricallyreliedontoidentifyphishingattempts.
AI-generatedphishingkits
InNovember2025,aphishingkit,trackedasCOINBAIT,wasidentified,withitsconstructionlikelyacceleratedbyAIcode-generationtools.Thekitmasqueradedasamajorcryptocurrencyexchangetoharvestcredentials.ItwasbuiltusingtheAI-poweredplatformLovableAI,wrappingtheoperationinafullReactsingleapplicationwithcomplexstatemanagement,alevelofsophisticationindicativeofcodegeneratedfromhigh-levelprompts.
Deepfake-enabledsocialengineering
Threatactorshaveclonedvideofootageandvoicerecordingsofexecutivestoconvinceemployeestotransfersubstantialfunds,withoneincidentinFebruary2024resultingina$25.6millionfraud.Deepfakeuseisnowmovingbeyondisolatedincidentstoactivecampaigninfrastructure,withthreatactorsdeployingfakevideocallsandAI-generatedpersonasasstandardcomponentsoftargetedintrusions.
©2026CybleInc.Allrightsreserved.8
AITHREATLANDSCAPEREPORT2026
AIPhishingIsOutpacingDefenderCapacity
Beyondenablingfastercampaignexecution,AI-poweredphishingiscreatingasecondarycrisisinsideSecurityOperationsCenters,onethatcompoundsthethreatbydegradingtheveryteamsresponsibleforcatchingit.
•AI-generatedluresnowarriveinhighvolumeswithenoughvariationtoappearunique,eliminatingtheabilitytoidentifyanddismisssimilaralertsinbulkandforcingindividualreviewofeverycase.
•Polishedimpersonationandcontextualpersonalizationhaveremovedthequickvisualjudgmentsanalystsoncereliedon,makingeachalertmoretime-consumingtoinvestigatethanbefore.
•Short-livedinfrastructureandfreshlyregistereddomainsreturninconclusiveresults
fromreputation-basedtools,pushingmoreoftheanalyticalburdenontohumanreviewers.
•Asthevolumeofuncertaincasesgrows,experiencedanalystsarepulledawayfromcomplex,high-riskthreatstorevisitalertsthatwereneverfullyresolved.
•High-riskincidents,credentialtheft,malwaredelivery,andtargetedintrusionsincreasinglygetburiedinthenoise,wideningthewindowbetweeninitialaccessanddetection.
•Theasymmetryisstructural:AIreducesthecostandeffortoflaunchingattackswhilesimultaneouslyraisingthecostandeffortofdefendingagainstthem,agapthatwidenswitheveryimprovementinattackertooling.
High-VolumeVariation
AI-generatedluresnowarriveinhighvolumeswith
enoughvariationtoappearunique,preventing
analystsfromidentifyinganddismissingsimilaralertsinbulkandforcingindividualreviewofeverycase.
SlowerTriage
Polishedimpersonationandcontextualpersonalizationhaveremovedthequickvisualjudgmentsanalystsoncereliedon,makingeachalertmoretime-consumingto
investigatethanbefore.
WeakReputationSignals
Short-livedinfrastructureandfreshlyregistereddomainsreturninconclusiveresultsfrom
reputation-basedtools,pushingmoreoftheanalyticalburdenontohumanreviewers.
AnalystOverload
Asthevolumeofuncertaincasesgrows,experiencedanalystsarepulledawayfromcomplex,high-risk
threatstorevisitalertsthatwereneverfullyresolved.
High-RiskIncidentsBuried
Credentialtheft,malwaredelivery,andtargeted
intrusionsincreasinglygetburiedinthenoise,wideningthewindowbetweeninitialaccessanddetection.
StructuralAsymmetry
AIreducesthecostandeffortoflaunchingattackswhilesimultaneouslyraisingthecostandeffortofdefendingagainstthem,agapthat
widenswitheveryimprovementinattackertooling.
Al-powEREDpHlsHlNBlscREATlNBAsEcoNDARycRlslslNslDESEcuRlTyOpERATloNsCENTERs
BylNcREAslNBANALysTwoRkLoADANDsLowlNBDETEcTloN.
©2026CybleInc.Allrightsreserved.9
NOTABLEATTACKCASES
ExamplesofhowthreatactorsareusingAIinphishingandsocialengineeringcampaigns
UNC1069—CryptocurrencySectorTargeting
ANorthKoreanthreatactorcompromisedaTelegramaccountbelongingtoacryptocurrencyexecutive,builtrapportwiththevictim,andsentaCalendlylinktoaspoofedZoommeeting.Duringthecall,thevictimsawwhatappearedtobeadeepfakeCEOandwasguidedthroughaClickFixattackthatlaunchedamulti-stageinfectionchain,ultimatelydeployingsevenmalwarefamiliestostealcredentials,browserdata,sessiontokens,andcryptocurrencywalletinformation.
APT42—IranianState-SponsoredPhishingAugmentation
APT42usedgenerativeAImodels,includingGemini,toenhancereconnaissanceandtargetedsocialengineering.ThegroupusedAItosearchforofficialemailaddresses,researchpotentialbusinesspartners,andcreatepersonastailoredtoeachtarget’sbiographytoimproveengagement.
FAMOUSCHOLLIMA—FakeLinkedinProfilesandJobInterviews
TheDPRK-associatedgroupFAMOUSCHOLLIMAusedGenAItocreaterealisticLinkedinprofileswithbelievablebackgroundsandAI-generatedprofileimagestodeceiverecruiters,andpotentiallyusedAItogenerateplausibleresponsesduringjobinterviewsaspartofeffortstoinfiltrateprivatecorporations.
ClickFixcampaignviaAIPlatforms
InDecember2025,threatactorsabusedthepublicsharingfeaturesofgenerativeAIservicessuchasChatGPT,Copilot,DeepSeek,Gemini,andGroktohostdecep-tivesocialengineeringcontent.AttackersmanipulatedAItoolsintogeneratingseeminglylegitimatetroubleshootinginstructionscontainingmaliciouscommands,thenpromotedtrusted-domainsharelinksthroughmaliciousadvertisingtodistributeinformation-stealingmalwaretargetingWindowsandmacOS.
theGOVERSHELLbackdoor.OpenAIlaterconfirmedthatthegroupusedChatGPTtohelpcraftphishingemailsandassistinmalwaredevelopment.Asthecampaignmatured,theactorshiftedtorapport-buildingphishingthroughmulti-emailconversationsbeforedeliveringamaliciouslink.
AI-AssistedBiometricPhishing-BrowserPermissionAbuseActivesinceearly2026,thiscampaignusedluressuchas“IDScanner,”“TelegramIDFreezing,”and“HealthFundAI”totrickvictimsintograntingbrowsercameraandmicrophoneaccess.Onceapproved,maliciousscriptscapturedliveimages,video,audio,devicedetails,contactinformation,andapproximatelocation,thenexfiltratedthedatatoattacker-controlledTelegrambots.Emoji-basedformattingandstructuredannotationsinthecodesuggestgenerativeAImayhavebeenusedtoacceleratescriptdevelopment.
InboxPrimeAI-Phishing-as-a-ServiceKit
FirstobservedinOctober2025,InboxPrimeAIisaphishingkitbuiltforundergroundcybercrimenetworks.ItsAI-poweredemailgeneratorcreatesphishingemailsfromsimpleinputssuchastopic,tone,language,andindustry.Itusesspintaxtovarymessages,includesabuilt-inspamcheckertoreducedetection,andauto-matessenderidentityrotationacrosscompromisedGmailaccountstoimitatelegitimateusers,vendors,orexecutives.
Keytakeaway:AIisbeingusedtoimprovetargeting,scaledeception,andincreasethecredibilityofsocialengineeringoperations.
UTA0388—China-AIignedSpearPhishingwithLLMAssistance
ica,Asia,andEuropewithphishingemailsimpersonatingseniorresearchersfromfabricatedinstitutions.The
UTA0388targetedorganizationsacrossNorthAmer-campaigndeliveredamaliciousarchivecontaining
1
2
3
4
5
6
7
UNC1069:Targetingthecryptocurrencysector
NorthKoreanthreatactorUNC1069compromisedaTelegramaccountbelongingtoacryptocurrencyexecutive.ItusedittobuildrapportwithavictimbeforesendingaCalendlylinktoaspoofedZoommeetinghostedonattacker-controlledinfrastructure.Duringthecall,thevictimwaspresentedwithwhatappearedtobeadeepfakevideoofaCEOfromanothercryptocurrencycompany.
ThethreatactorthenexecutedaClickFixattack,directingthevictimtoruntroubleshootingcommandsthatinitiatedamulti-stageinfectionchain,ultimatelydeployingsevendistinctmalwarefamiliesdesignedtoharvestcredentials,browserdata,sessiontokens,andcryptocurrencywalletinformation.
APT42:Iranianstate-sponsoredphishingaugmentation
TheIraniangovernment-backedgroupAPT42
leveragedgenerativeAImodels,including
Gemini,tosignificantlyaugmentreconnaissance
andtargetedsocialengineering,usingAIto
searchforofficialemailaddressesofspecific
entities,researchpotentialbusinesspartnersto
establishcrediblepretexts,andcraftpersonas
tailoredtoeachtarget’sbiographytomaximize
engagement.
FAMOUSCHOLLIMA:FakeLinkedInprofilesandjobinterviews
DPRK-associatedgroupFAMOUSCHOLLIMA
usedGenAItocreaterealisticLinkedInprofiles
completewithbelievablebackgroundsandAI-
generatedprofileimagestodeceiverecruiters,
andpotentiallyleveragedAItogenerateplausible
responsesduringjobinterviewsaspartofa
campaigntoinfiltrateprivatecorporations.
©2026CybleInc.Allrightsreserved.10
·AITHREATLANDSCAPEREPORT2026·········
ClickFixcampaignsviaAIplatformsInboxPrimeAI:Phishing-as-a-servicekit
InDecember2025,threatactorsbeganabusingtheFirstobservedinOctober2025,InboxPrimeAI
public-sharingfeaturesofgenerativeAIservices,isapurpose-builtphishingkitrapidlygaining
includingChatGPT,Copilot,DeepSeek,Gemini,adoptionacrossundergroundcybercrime
andGrok,tohostdeceptivesocialengineeringnetworks.AtitscoreisanAI-poweredemail
content.BymanipulatingAItoolsintogeneratinggeneratorthatproducesfullycomposedphishing
seeminglylegitimatetroubleshootinginstructionsemailsfromahandfulofdropdowninputs,topic,
withembeddedmaliciouscommands,attackerstone,language,andindustry,eliminatingthe
createdshareablelinkshostedontrustedAIneedforanycopywritingskill.
platformdomains,whichwerethenpromoted
throughmaliciousadvertisingtodistributeTheAIenginealsoappliesspintaxvariations,so
WindowsandmacOSsystems.activelyevadingsignature-basedfilters.Abuilt-
information-stealingmalwaretargetingbothnotworecipientsreceiveidenticalmessages,
inspamcheckerthenanalyzeseachgeneratedUTA0388:China-alignedspearphishingwithemailandsuggestscorrectionstoremove
LLMassistancedetectiontriggersbeforesending.Ontopof
this,thekitautomatessenderidentityrotation
UTA0388isaChina-alignedthreatactortargetingacrosscompromisedGmailaccounts,mimicking
organizationsacrossNorthAmerica,Asia,andtheidentitiesoflegitimateusers,vendors,or
.
fromfabricatedinstitutions,sociallyengineering
Europe.Emailsimpersonatedseniorresearchersexecutiveswithhighfidelity
targetsintoclickinglinksthatledtoamaliciousTheconvergenceofAI-generatedlures,deepfake
archivecontainingtheGOVERSHELL
backdoor.social
engineering,andAI-builtphishing
OpenAIlaterconfirmedthatUTA0388leveragedinfrastructurecreatesanenvironmentwhere
ChatGPTtocraftphishingemailsandassistintraditionaldetectionsignalsarenolonger
malwaredevelopment.reliable.Campaignsthatoncerequireddaysof
preparationandleftvisibletracesoferrorcan
.
Asthecampaignmatured,thegroupshiftedtonowbeproducedinhoursbyasingleoperator
rapport-buildingphishing,establishingbenign
Recommendations
•Enforcehardware-basedMFA(FIDO2/passkeys)onallcriticalsystems;stolencredentialsalonebecomeuselesswithoutthephysicalkey
•Nevertrustvoiceorvideocallsasidentityverification;alwaysconfirmhigh-stakesrequestslikefundtransfersthroughaseparate,pre-establishedcontactmethod
•Retrainstafftounderstandthatpolishedwriting,familiarfaces,andtrustedplatforms(Zoom,Calendly,AItools)arenolongerreliablesignalsoflegitimacy
•EnforceDMARC,DKIM,andSPFonalldomains,andreplacesignature-basedemailfilterswithbehavioralAI-drivendetectionthatdoesn’trelyonspottingerrors
•Requiredualauthorizationandout-of-bandconfirmationforanyfinancialoraccess-changerequest,regardlessofhowlegitimatethesourceappears
•Auditandminimizeyourorganization’spublicfootprintonLinkedInandcompanywebsites;AIreconnaissancetoolsharvestthisdatatocraftpersonalized,convincinglures
multi-emailconversationswithtargetsbefore
introducingamaliciouslink.Signsofunsupervised
LLMusagewereevidentthroughout:emails
simultaneouslyusedthreedifferentidentities
acrossthefriendlyname,senderaddress,and
signatureblock;fabricatedphonenumbers
followedsequentialpatterns;andsometargets
receivedemailsentirelyinthewronglanguage.
AI-assistedbiometricphishing:Browser
permissionabuse
Activesinceearly2026,awidespreadsocial
engineeringcampaignluredvictimsthrough
themessuchas“IDScanner,”“TelegramID
Freezing,”and“HealthFundAI”,trickingusersinto
grantingbrowser-levelcameraandmicrophone
accessundertheguiseofidentityverificationor
accountrecovery.
Oncepermissionsweregranted,malicious
scriptssilentlycollectedliveimages,video
recordings,audio,devicespecifications,contact
details,andapproximatelocation,exfiltrating
everythingtoattacker-controlledTelegrambots.
Analysisofthecampaign’scoderevealedemoji-
basedformattingandstructuredannotations
embeddedwithintheoperationallogic,patterns
increasinglyassociatedwithgenerativeAIbeing
usedtoacceleratemaliciousscriptdevelopment.
©2026CybleInc.Allrightsreserved.11
AITHREATLANDSCAPEREPORT2026
AI-assistedMalwareAttacks
Malwareoperationsaremovingintoamoreadaptiveph
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 2026浙江舟山市岱山县市场监督管理局招聘编外人员1人笔试参考题库及答案详解
- 2026年7月天津大学海南国际学院招聘1名综合服务中心主管笔试参考题库及答案详解
- 2026广东医科大学顺德妇女儿童医院(佛山市顺德区妇幼保健院)招聘22人第五期笔试备考试题及答案详解
- 2026贵州黔东南州三穗县招聘社会化服务市场监管协管人员1人笔试备考题库及答案详解
- 职业技能鉴定国家题库机修钳工高级技师理论知识试题及答案三
- 2026国新国际社会招聘20人(第二号)笔试备考试题及答案详解
- 2026广东深圳市南山区教育幼儿园招聘笔试模拟试题及答案详解
- 2026西安市第四十二中学招聘高中物理教师考试备考题库及答案详解
- 2026年内蒙古自治区呼伦贝尔市社区工作者招聘考试参考试题及答案详解
- 证券从业人员资格考试证券基础知识模拟试题及答案
- 2025年厦门大学生命科学学院工程系列专业技术中初级职务人员招聘备考题库及答案详解一套
- 2026年党的廉政知识测试题及答案
- 腕表鉴定课件
- 2025年昆明市事业单位招聘考试卫生类药学专业试题集
- 固定资产管理标准化操作流程模板
- 供货进度计划一览表
- T/CCMA 0123-2021沥青混凝土摊铺机熨平装置
- CQE工作总结与计划
- DL∕T 707-2014 HS系列环锤式破碎机
- 2024房建劳务分包的合同范本正规范本
- 心电图读图题附有答案
评论
0/150
提交评论