Follow ZDNET: Add us as a preferred source on Google.

ZDNET’s key takeaways

• AI is helping attackers exploit vulnerabilities faster than ever.
• Most cloud attacks now target weak third-party software.
• Businesses need automated, AI-powered defenses to keep up.

The jury is still out on whether most businesses get any measurable benefit from implementing artificial intelligence in their organizations, and the debate is likely to get more contentious over time.

But at least one sector is reaping massive productivity gains in this age of AI: Cybercriminals are more successful than ever at leveraging vulnerabilities to attack businesses in the cloud, where they’re most vulnerable.

Also: 5 ways to fortify your network against the new speed of AI attacks

That’s the conclusion of a March 2026 Cloud Threat Horizons Report from Google’s army of security investigators and engineers. Based on its observations from the second half of 2025, Google Cloud Security concluded, “The window between vulnerability disclosure and mass exploitation collapsed by an order of magnitude, from weeks to days.”

The report concludes that the best way to fight AI-powered attacks is with AI-augmented defenses: “This activity, along with AI-assisted attempts to probe targets for information and continued threat actor emphasis on data-focused theft, indicates that organizations should be turning to more automatic defenses.”

Sneaking in through third-party code

These days, Google’s report notes, security threats are not targeting the core infrastructure of services like Google Cloud, Amazon Web Services, and Microsoft Azure. Those high-value targets are well secured. Instead, threat actors (a polite term that encompasses both criminal gangs and state-sponsored agents, notably from North Korea) are targeting unpatched vulnerabilities in third-party code.

The report contains multiple detailed examples of these attacks — with victims not mentioned by name. 

Also: Stopping bugs before they ship: The shift to preventative security

One involved the exploitation of a critical remote code execution (RCE) vulnerability in React Server Components, a popular JavaScript library used to build user interfaces for websites and mobile apps; those attacks began within 48 hours of the public disclosure of the vulnerability (CVE-2025-55182, commonly referred to as React2Shell).

Another incident involved an RCE vulnerability in the popular XWiki Platform (CVE-2025-24893) that allowed attackers to run arbitrary code on a remote server by sending a specific search string. That bug was patched in June 2024, but the patch wasn’t widely deployed, and attackers (including crypto mining gangs) began exploiting it in earnest in November 2025.

A particularly juicy account involves a gang of state-sponsored attackers known as UNC4899, probably from North Korea, that took over Kubernetes workloads to steal millions of dollars in cryptocurrency. Here’s how the exploit unfolded:

UNC8499 targeted and lured an unsuspecting developer into downloading an archive file on the pretext of an open source project collaboration. The developer soon after transferred the same file from their personal device to their corporate workstation over Airdrop. Using their AI-assisted Integrated Development Environment (IDE), the victim then interacted with the archive’s contents, eventually executing the embedded malicious Python code, which spawned and executed a binary that masqueraded as the Kubernetes command-line tool. The binary beaconed out to UNC4899-controlled domains and served as the backdoor that gave the threat actors access to the victim’s workstation, effectively granting them a foothold into the corporate network.

Another incident involved a series of steps that started with a compromised Node Package Manager package that stole a developer’s GitHub token, used it to access Amazon Web Services, stole files stored in an AWS S3 bucket, and then destroyed the originals. That all happened within 72 hours.

Compromising identity

The other major finding is a shift away from attacking weak credentials with brute force attacks in favor of exploiting identity issues through a variety of techniques:

• 17% of cases involved voice-based social engineering (aka, vishing).
• 12% relied on email phishing.
• 21% involved compromised trusted relationships with third parties.
• 21% involved actors leveraging stolen human and non-human identities.
• 7% resulted from actors gaining access through improperly configured application and infrastructure assets.

And the attackers aren’t always coming from far away. The report notes that “malicious insiders” — including employees, contractors, consultants, and interns — are sending confidential data outside the organization. Increasingly, this type of incident involves platform-agnostic, consumer-focused cloud storage services like Google Drive, Dropbox, Microsoft OneDrive, and Apple iCloud. 

The report calls this “the most rapidly growing means of exfiltrating data from an organization.”

One ominous note is that attackers these days are taking their sweet time before making their presence known. The report notes that “45% of intrusions resulted in data theft without immediate extortion attempts at the time of the engagement, and these were often characterized by prolonged dwell times and stealthy persistence.”

What can businesses do to protect themselves?

Each section of the report includes recommendations for IT professionals to follow for securing cloud infrastructure. Those guidelines are divided into two categories: specific advice for Google Cloud customers and more general guidance for customers using other platforms.

Also: The patching treadmill: Why traditional application security is no longer enough

If you’re an admin at a large organization with security responsibilities, that advice is worth careful consideration and incorporation into your existing security measures.

But what are small and medium-sized businesses supposed to do? Here are four action items:

1. Step up your patching game by ensuring all software applications, especially third-party apps, are automatically updated.
2. Strengthen Identity and Access Management (IAM), using multi-factor authentication and ensuring that only authorized users have access to administrative tools.
3. Monitor the network with an eye toward identifying unusual activity and data movement. This includes attacks from the outside and insider threats.
4. Have an incident response plan ready to go at the first sign of an intrusion. Those first few hours can be crucial, and scrambling to assemble investigative and containment resources can take days if you’re not prepared.

For small businesses without security experts on staff, the best solution is to find a managed service provider with the skills and experience you need. You do not want to start that search after an attacker has already succeeded.