Find notable cyber news and cases, enriched with sources, timelines, and signals.

China-nexus agentic tools attack campaign targeting Japanese technology and East Asian cybersecurity organizations

Campaign
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

A China-nexus actor used agentic tools in a targeted attack against a Japanese technology firm and an East Asian cybersecurity platform, showing how AI-driven orchestration can scale offensive operations. The attack used Hextrike and Strix to maintain persistence across the attack surface. Those tools were also used to automate and validate vulnerabilities during the operation. The activity points to a more autonomous attack workflow with reduced human oversight.

Related Happenings

Google AI Threat Defense launch adds autonomous AI-attack detection and remediation for enterprises

Security Tool/Service
H score20 First: 28.05.2026 12:55 Last: 28.05.2026 12:55 Sources 1

About this happening: Google Cloud launched **Google AI Threat Defense**, an **always-on autonomous** security platform aimed at stopping **AI-powered cyberattacks** across enterprise environments. The...

Shadow-Aether-040 AI-augmented campaign against Mexican government entities

Campaign
H score41 First: 13.05.2026 16:00 Last: 13.05.2026 16:00 Sources 1

About this happening: The **Shadow-Aether-040** campaign used **AI agents** and custom tooling to compromise **six government entities in Mexico**, increasing the risk of follow-on intrusion and **data...

Google GTIG analysis of adversary AI use for exploit development and attack orchestration

Technical Analysis
H score33 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

How related: Google today published new research tracking how adversaries leverage AI in their cyber operations.

About this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...

Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign

Campaign
H score30 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...

AISI and NCSC guidance on cybersecurity basics after Mythos Preview testing

Public Sector Action
H score25 First: 14.04.2026 12:30 Last: 14.04.2026 12:30 Sources 1

About this happening: The **UK AI Security Institute (AISI)** and **National Cyber Security Centre (NCSC)** urged organizations to strengthen **cybersecurity basics** after evaluating **Anthropic’s Myt...

Timeline

  1. 11.05.2026 16:00 2 articles · 1mo ago

    GTIG discloses AI-enabled threat activity

    Initial Disclosure

    Google Threat Intelligence Group (GTIG) said threat actors are using AI tools for phishing, malware coding, reconnaissance, vulnerability research, exploit development, and attack orchestration, including a zero-day exploit believed to have been developed with AI to bypass two-factor authentication (2FA) on a popular open-source, web-based system administration tool, and a China-nexus attack using Hextrike and Strix against a Japanese technology firm and an East Asian cybersecurity platform.

    Show sources