Google Threat Intelligence Group (GTIG) reports a significant maturation in how adversaries leverage AI, shifting from initial experimentation to industrial-scale application in cyber operations. This report, based on insights from Mandiant, Gemini, and GTIG research, highlights AI's dual role: it serves as a sophisticated engine for adversary operations and concurrently as a high-value target for attacks. Key developments include AI-augmented vulnerability discovery, advanced defense evasion techniques, and autonomous malware operations. Adversaries are now using AI for zero-day exploit development, accelerating polymorphic malware creation, and orchestrating autonomous attacks like PROMPTSPY for system navigation and decision-making. AI also enhances reconnaissance, information operations (e.g., deepfakes), and provides obfuscated, scalable access to LLMs for malicious activities.…