Google DeepMind published a 35-page AI Control Roadmap on June 18 that openly frames its own AI agents as potential insider threats, deploying structural containment controls rather than relying on alignment training alone.
Google DeepMind published a 35-page AI Control Roadmap on June 18 that openly frames its own AI agents as potential insider threats, deploying structural containment controls rather than relying on alignment training alone.
North Korea's FAMOUS CHOLLIMA operation has expanded beyond revenue generation into systematic AI intellectual property theft, placing fake engineers inside foundation model developers, GPU cloud providers, and AI safety organisations. CrowdStrike, Microsoft, and the DOJ have documented the mechanism. The AI industry has not caught up.
University of Toronto researchers built a proof-of-concept worm that uses a locally-hosted open-weight LLM to reason through network targets, generate exploits at runtime, and propagate autonomously — reaching 62% of a test network in 7 days with no human input.
Anthropic analysed 832 accounts banned for malicious cyber activity and mapped 13,873 attacker actions to MITRE ATT&CK — finding that AI is shifting from initial access to post-compromise work, and that medium-to-high-risk actors grew from 33% to 56% in under a year.
Google's Threat Intelligence Group has confirmed the first known case of a nation-state actor using AI to generate a working zero-day exploit used in an active campaign. APT45 — a North Korean state-sponsored group — automated the discovery and validation of a 2FA bypass using thousands of recursive prompts. The exploit code contained forensic markers of AI generation.