AI Cybersecurity

State-sponsored hackers are increasingly using AI, including large language models, to enhance cyberattacks. This report details how actors from Iran, North Korea, China, and Russia are weaponizing AI for sophisticated phishing, accelerated malware development, and AI-driven reconnaissance, particularly targeting the defense sector. The analysis also highlights a surge in model extraction attacks, the emergence of AI-integrated malware, and the exploitation of AI chat platforms for malicious campaigns. While AI is transforming the threat landscape, Google emphasizes ongoing efforts to disrupt malicious activity and improve AI model defenses.

Hack The Box’s new HTB AI Range lets organizations test autonomous AI security agents alongside human defenders in a realistic, continuously refreshed enterprise‑network simulation. Aligned with MITRE ATT&CK, NIST/NICE and OWASP standards, the platform measures AI‑only and AI‑human teamwork, revealing AI’s speed on simple tasks but weaker performance on multi‑step attacks. It supports ongoing threat‑exposure management, helps validate controls, and provides data for budgeting. Upcoming AI Red‑Teamer certification will set competency standards, positioning the AI Range as a recurring component of modern cyber‑defense programs.

The “Dialogue on AI & Cyber Governance” in London addressed the growing need for corporate AI security as AI integrates into physical infrastructure. Experts from academia and industry, including Tuya Smart, discussed building robust cyber governance frameworks and using AI to enhance cybersecurity. Key topics included addressing vulnerabilities from AI adoption, standardizing security frameworks, and the geopolitical aspects of supply chain security. Participants agreed on the need for global collaboration to develop effective AI security standards. Tuya Smart highlighted its security initiatives and collaborative approach to fostering secure AI development.