Threat Research

3 Principles to Safely Scale Agentic AI

ISO 42001:2023 and the New Reality of Cloud AI Data Risk

Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say

Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar

How to Stop AI-Driven Data Loss

CrowdStrike Brings Enterprise-Grade Security to the AI Factory with NVIDIA Vera BlueField-4 STX

CrowdStrike Scales AI-Native Agents Across Falcon Exposure Management with NVIDIA

Secure Shadow AI at the Control Plane with Falcon for IT

CrowdStrike Named a Leader in 2026 Gartner® Magic Quadrant™ for Endpoint Protection for Seventh Consecutive Time

Shadow AI: The Hidden Risk Expanding Across the Enterprise

CrowdStrike Named a Leader in Identity Threat Detection and Response

Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability

Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant responded to a security incident involving a compromised web

2 PhaaS 2 Furious: The Evolution of Chinese-Language Phishing Services

While Russian-speaking threat actors have historically dominated the phishing-as-a-service (PhaaS) landscape, a rival ecosystem is rapidly growing within the Ch

Welcome to BlackFile: Inside a Vishing Extortion Operation

Written by: Austin Larsen, Tyler McLellan, Genevieve Stark, Dan Ebreo Introduction Google Threat Intelligence Group (GTIG) has continued to track an expansive e

A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

We recently published an exploit chain for the Google Pixel 9 that demonstrated it was possible to go from a zero-click context to root on Android in just two e

GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transi

Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite

Written by: JP Glab, Tufail Ahmed, Josh Kelley, Muhammad Umair Introduction Google Threat Intelligence Group (GTIG) identified a multistage intrusion campaign b

Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever

Introduction Advances in AI model-powered exploitation have demonstrated that general-purpose AI models can excel at vulnerability discovery, even without being

The German Cyber Criminal Überfall: Shifts in Europe's Data Leak Landscape

Written by: Jamie Collier, Robin Grunewald Germany has reclaimed its position as a primary focus for cyber extortion in Europe. While data leak site (DLS) posts

vSphere and BRICKSTORM Malware: A Defender's Guide

Written by: Stuart Carrera Introduction Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving thr