AI‑Driven Attacks, Supply‑Chain Compromise and Rising Identity Risk

This week’s intelligence highlights a sharp escalation in AI‑assisted cybercrime, supply‑chain compromise, and identity‑focused attacks affecting organisations globally and across Australia. Threat actors are compressing the attack lifecycle by using generative AI to automate reconnaissance, weaponise vulnerabilities on day one, and disguise command‑and‑control traffic inside legitimate platforms. At the same time, software dependencies, developer tools and browser extensions continue to be abused as trusted delivery mechanisms. For Australian organisations, the message is clear: resilience now depends on strict control of identities, dependencies, exposed services and AI‑enabled systems.

The Threats at the Gates

Adversaries significantly raised the bar this week by blending AI‑driven automation with traditional exploitation techniques. A financially motivated, Russian‑speaking group used commercial generative AI to scan and brute‑force hundreds of exposed FortiGate management interfaces worldwide, including in Australia. Once inside, attackers harvested credentials, pivoted into Active Directory environments and staged ransomware operations.

Attackers are also repurposing AI assistants themselves as infrastructure. Enterprise tools such as AI chatbots are being abused as covert command‑and‑control channels, allowing malicious instructions to blend into normal user queries and evade traditional detection.

New malware families continue to emerge across platforms. On Android, a novel trojan leverages Google’s Gemini AI at runtime to navigate interfaces, steal credentials, resist removal and adapt dynamically to device layouts. Firmware‑level backdoors were discovered pre‑installed via OTA updates on consumer tablets, enabling persistent data exfiltration and fraud. On Windows, multiple remote‑access trojans bypass security logging and AMSI protections using DNS lookups, PowerShell loaders and system‑function hooking.

Supply‑chain attacks remain relentless. Compromised npm packages, trojanised AI tooling, and malicious browser extensions posing as productivity or AI assistants have impacted hundreds of thousands of users. A hijacked Outlook add‑in alone harvested thousands of Microsoft account credentials, while AI‑themed Chrome extensions exfiltrated personal and corporate data at scale.

Exploited Vulnerabilities and Zero‑Days

A number of critical vulnerabilities are being actively exploited, demanding immediate attention:

• Authentication bypasses in security and access‑management platforms allowed attackers to gain administrative access even on patched systems.
• A long‑standing Telnet authentication flaw resurfaced, granting unauthorised root access on legacy Linux and IoT devices.
• Zero‑day and near‑zero‑day flaws in Microsoft Office and Chrome were rapidly weaponised in phishing campaigns.
• Webmail platforms were compromised through deserialisation and cross‑site scripting bugs shortly after disclosure.
• Backup and recovery systems exposed hard‑coded credentials, enabling attackers to deploy persistent backdoors.
• Remote code‑execution vulnerabilities in web frameworks and automation platforms remain popular entry points for cryptominers and ransomware.
• VoIP phones, IP cameras and industrial controllers were found vulnerable to unauthenticated takeover and covert surveillance.

Business impact:
Any internet‑exposed management interface, legacy protocol or unpatched dependency now represents a high‑risk entry point. Patch velocity and configuration hardening are critical.

Malware Campaigns and Remote Access Trojans

Remote‑access tooling continues to evolve across desktop, mobile and embedded environments:

• Multi‑stage RAT campaigns now rely on user deception rather than file downloads, prompting victims to run scripts that install malware directly in memory.
• Android malware is increasingly persistent, abusing accessibility services, VNC modules and AI‑driven UI interaction.
• Mobile spyware suites sold on underground markets offer full live surveillance, OTP interception and cryptocurrency theft.
• Diskless malware loaders delivered via virtual disk images evade traditional endpoint detection.
• Attackers abuse legitimate remote‑management tools to maintain persistence once credentials are compromised.

Business impact:
Endpoint visibility must extend beyond traditional malware signatures to include behavioural monitoring, device integrity checks and detection of unauthorised remote‑management activity.

AI‑Driven Threats and Attacks

AI is now a core enabler of cyber attacks:

• Generative AI is being used to automate scanning, credential attacks and exploit chaining, dramatically reducing attacker effort.
• AI‑powered Android malware dynamically adapts its behaviour in real time.
• Enterprise AI assistants are being exploited as stealthy relay channels for attacker communications.
• Recommendation‑poisoning and hidden prompt attacks manipulate AI outputs to mislead users or leak sensitive data.
• AI‑driven scraping tools are harvesting large volumes of proprietary and personal information.

Business impact:
Organisations deploying AI must treat AI tools as privileged systems, applying strict access controls, logging and governance to prevent abuse.

Supply Chain and Dependency Attacks

Software supply chains remain one of the most attractive targets:

• Stolen publishing tokens were used to inject backdoors into popular CLI tools and automation frameworks.
• Open‑source AI components were compromised to distribute credential stealers and loaders.
• A trusted software updater was hijacked for months, silently distributing a state‑linked backdoor.
• Developer ecosystems such as npm, PyPI and extension registries continue to be abused through compromised maintainer accounts.

Business impact:
Dependency trust can no longer be assumed. Continuous verification of package integrity and publishing credentials is essential.

Phishing, Scams and Social Engineering

Social engineering campaigns have become more deceptive and scalable:

• Phishing‑as‑a‑service platforms proxy real websites to intercept credentials and MFA codes.
• AI‑themed browser extensions and add‑ins masquerade as assistants while harvesting data.
• Voice‑phishing operations impersonate IT support to capture one‑time passcodes in real time.
• Brand‑impersonation campaigns dynamically register lookalike domains targeting large enterprises.
• Financial fraud schemes now incorporate chatbots to add credibility and automate interaction.

Business impact:
Identity is now the primary attack surface. Technical controls must be reinforced with targeted user awareness and detection of abnormal authentication behaviour.

Recommended Actions for Australian Organisations

To respond to this week’s threat landscape:

1. Patch aggressively—prioritise vulnerabilities that affect authentication, management interfaces, browsers, automation tools and backup systems.
2. Harden identity controls with phishing‑resistant MFA, conditional access and strict session‑lifetime policies.
3. Lock down exposed services, especially firewall management ports, web admin consoles and legacy protocols.
4. Enforce supply‑chain hygiene, including dependency pinning, checksum verification and protection of publishing tokens.
5. Control browser extensions and add‑ins through allow‑listing and regular audits.
6. Govern AI usage by mapping all AI tools, restricting privileges and monitoring AI‑driven activity.
7. Expand detection beyond endpoints to include network behaviour, DNS anomalies and remote‑management abuse.