Google Threat Intelligence Group (GTIG) reports an escalation in adversaries leveraging generative AI for vulnerability discovery, autonomous malware orchestration, and defense evasion. Notable developments include the AI-assisted discovery of a zero-day 2FA bypass, the PROMPTSPY Android backdoor utilizing the Gemini API for autonomous UI navigation, and supply chain attacks by TeamPCP targeting AI dependencies like LiteLLM to extract cloud secrets.