// Alert

Google Cloud threat report

Google Cloud Threat Intelligence (GTIG) published a report describing how attackers are using AI to accelerate vulnerability exploitation and gain initial access to cloud environments, including Google Cloud. GTIG identified the first known zero-day exploit believed to be AI-developed, targeting an open-source web administration tool and intended for a mass exploitation event before being disrupted. The report also documents abuse of exposed Google Cloud API keys to reach Gemini AI endpoints, and tracks a threat cluster designated TeamPCP (UNC6780) targeting AI software dependencies as an initial-access vector with follow-on ransomware activity. Google notes attackers are exploiting newly disclosed vulnerabilities within hours of publication and increasingly focus on APIs, SaaS, developer platforms, and AI services rather than credential theft. Recommended actions include tightening API key hygiene, monitoring AI service account usage, and shortening patch windows.

// Get alerts for Google Cloud