When it comes to cybersecurity, one thing is certain: adversaries are constantly coming up with new ideas. This article explores AI-orchestrated cyber. Attack tactics are changing and becoming more difficult to identify due to the emergence of offensive AI.
According to a recent report by Google's Threat Intelligence Group, adversaries are using Large Language Models (LLMs) to both generate malicious scripts and conceal code, allowing malware to shape-shift in real time to avoid traditional defenses. A closer examination of these new attacks reveals previously unheard-of levels of sophistication and deceit. Anthropic published a story in November 2025 about what it called the first "AI-orchestrated cyber espionage campaign." AI was used in this operation at every stage of the attack, from initial access to exfiltration, which was mostly carried out by the AI on its own.
Living-off-the-land (LoTL) strategies used by Chinese state-sponsored actors to evade endpoint detection are blamed. Unmanaged network edge devices, including SOHO routers and other Internet of Things (IoT) hardware, were the targets. Instead of using a direct connection to a Chinese IP address, the actors were able to modify the originating packets so that they appeared to come from a cable modem in Texas.
The network traffic was what gave the game away. Although the actors managed to evade endpoint detection and response (EDR), network detection and response (NDR) picked up changes in network traffic volume, which revealed that the originating cable modem traffic was actually concealing something much more sinister.
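One way to express the traffic-volume check described above, as an added example that is not from the original article or from any NDR product: a rolling median/MAD baseline over hourly outbound byte counts per edge device. The sample counts, the device address (documentation range), the window, the noise floor and the threshold are all constructed assumptions.

```python
from statistics import median

# Constructed sample data: hourly outbound byte totals for one edge device.
# 198.51.100.23 is a documentation-range address standing in for the modem.
HOURLY_BYTES_OUT = {
    "198.51.100.23": [41_000, 39_500, 40_200, 42_100, 38_900, 40_800,
                      41_500, 39_900, 40_400, 310_000, 295_000, 41_200],
}


def robust_scores(series, window=8):
    """Score each hour against the median/MAD of the preceding `window` hours.

    Median and MAD are used instead of mean and standard deviation so that
    one anomalous hour does not inflate the baseline and hide the next one.
    """
    scores = []
    for i, value in enumerate(series):
        history = series[i - window:i] if i >= window else []
        if not history:
            scores.append(None)  # baseline not established yet
            continue
        med = median(history)
        mad = median(abs(x - med) for x in history)
        # Assumed noise floor: 1% of the median (at least 1 byte) so a
        # perfectly flat baseline does not turn tiny jitter into an alert.
        mad = max(mad, 0.01 * med, 1.0)
        scores.append(0.6745 * (value - med) / mad)
    return scores


def volume_anomalies(per_host, window=8, threshold=6.0):
    """Return (host, hour_index, bytes_out, score) for out-of-baseline hours."""
    alerts = []
    for host, series in per_host.items():
        for hour, score in enumerate(robust_scores(series, window)):
            if score is not None and abs(score) >= threshold:
                alerts.append((host, hour, series[hour], round(score, 1)))
    return alerts


if __name__ == "__main__":
    for alert in volume_anomalies(HOURLY_BYTES_OUT):
        print("volume anomaly: host=%s hour=%d bytes_out=%d score=%s" % alert)
```

Both spike hours are flagged even though the first spike is already in the baseline window when the second is scored, which is why a robust baseline suits devices that have no endpoint agent to report on them.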











