ZDNET’s key takeaways
- AI is helping attackers exploit vulnerabilities faster than ever.
- Most cloud attacks now target weak third-party software.
- Businesses need automated, AI-powered defenses to keep up.
It remains unclear whether most companies see any real, measurable advantage from adopting artificial intelligence within their operations, and this debate is only expected to intensify going forward.
However, one group is clearly reaping enormous productivity gains in the AI era: Cybercriminals are more effective than ever at exploiting weaknesses to strike businesses in the cloud, where they’re most exposed.
This is the finding of a March 2026 Cloud Threat Horizons Report from Google’s team of security researchers and engineers. Drawing on observations from the second half of 2025, Google Cloud Security determined, “The window between vulnerability disclosure and mass exploitation collapsed by an order of magnitude, from weeks to days.”
The report concludes that the most effective way to counter AI-driven attacks is with AI-enhanced defenses: “This activity, along with AI-assisted attempts to probe targets for information and continued threat actor emphasis on data-focused theft, indicates that organizations should be turning to more automatic defenses.”
Sneaking in through third-party code
According to Google’s report, security threats today are not aimed at the core infrastructure of platforms like Google Cloud, Amazon Web Services, and Microsoft Azure. Those high-value targets are well protected. Instead, threat actors (a diplomatic term covering both criminal organizations and state-sponsored operatives, particularly from North Korea) are going after unpatched flaws in third-party code.
The report provides several detailed examples of these attacks — without naming the victims.
One case involved the exploitation of a critical remote code execution (RCE) vulnerability in React Server Components, a widely used JavaScript library for building user interfaces for websites and mobile apps; those attacks began within 48 hours of the vulnerability being publicly disclosed (CVE-2025-55182, commonly known as React2Shell).
Another incident involved an RCE vulnerability in the popular XWiki Platform (CVE-2025-24893) that let attackers run arbitrary code on a remote server by sending a specific search query. That flaw was patched in June 2024, but the fix wasn’t widely applied, and attackers (including crypto mining groups) began exploiting it heavily in November 2025.
A particularly striking account involves a state-sponsored hacking group known as UNC4899, believed to be from North Korea, that hijacked Kubernetes workloads to steal millions of dollars in cryptocurrency. Here’s how the attack played out:
UNC4899 targeted and tricked an unsuspecting developer into downloading an archive file under the guise of an open source project collaboration. The developer later transferred the same file from their personal device to their corporate workstation via AirDrop. Using their AI-assisted Integrated Development Environment (IDE), the victim then opened the archive’s contents, eventually running the embedded malicious Python code, which launched and executed a binary disguised as the Kubernetes command-line tool. The binary communicated with UNC4899-controlled domains and acted as the backdoor that gave the threat actors access to the victim’s workstation, effectively providing them a foothold into the corporate network.
Another incident involved a chain of events that began with a compromised Node Package Manager (npm) package that stole a developer’s GitHub token. The attackers used the token to access Amazon Web Services, stole files stored in an AWS S3 bucket, and then deleted the originals. The entire sequence unfolded within 72 hours.
Compromising identity
The other major finding is a shift away from brute force attacks on weak credentials toward exploiting identity weaknesses through a range of techniques:
- 17% of cases involved voice-based social engineering (also known as vishing).
- 12% relied on email phishing.
- 21% involved compromised trusted relationships with third parties.
- 21% involved actors leveraging stolen human and non-human identities.
- 7% resulted from actors gaining access through improperly configured application and infrastructure assets.
And the attackers aren’t always operating from distant locations. The report notes that “malicious insiders” — including employees, contractors, consultants, and interns — are leaking confidential data outside the organization. Increasingly, this type of incident involves platform-agnostic, consumer-focused cloud storage services like Google Drive, Dropbox, Microsoft OneDrive, and Apple iCloud.
The report describes this as “the most rapidly growing means of exfiltrating data from an organization.”
One concerning detail is that attackers are increasingly biding their time before revealing their presence. The report notes that “45% of intrusions resulted in data theft without immediate extortion attempts at the time of the engagement, and these were often characterized by prolonged dwell times and stealthy persistence.”
What can businesses do to protect themselves?
Each section of the report includes recommendations for IT professionals to follow when securing cloud infrastructure. Those guidelines are split into two categories: specific advice for Google Cloud customers and broader guidance for customers using other platforms.
If you’re an administrator at a large organization with security responsibilities, that advice is worth careful consideration and integration into your existing security measures.
But what about small and medium-sized businesses? Here are four action items:
- Improve your patching practices by making sure all software applications, especially third-party apps, are updated automatically.
- Strengthen Identity and Access Management (IAM) by using multi-factor authentication and ensuring that only authorized users can access administrative tools.
- Monitor the network with a focus on spotting unusual activity and data movement. This covers both external attacks and insider threats.
- Have an incident response plan ready to activate at the first sign of an intrusion. Those initial hours can be critical, and scrambling to assemble investigative and containment resources can take days if you’re not prepared.
For small businesses without in-house security experts, the best approach is to find a managed service provider with the skills and experience you need. You don’t want to begin that search only after an attacker has already broken through.



