AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

highnewsLLM-Specific

security

Source: The Hacker NewsFebruary 12, 2026

Summary

Google reported that North Korean hackers (UNC2970) and other state-backed groups are using Google's Gemini AI model to speed up cyberattacks by conducting reconnaissance (information gathering about targets), creating fake recruiter personas for phishing (deceptive emails tricking people into giving up passwords), and automating parts of their attack process. Multiple hacking groups from China, Iran, and other actors are also misusing Gemini to analyze vulnerabilities, generate malware code, and harvest credentials from victims.

Classification

Attack Type

Prompt InjectionSupply ChainData Extraction

Attack SophisticationAdvanced

Affected Vendors

Google

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Similar attackTechCrunch

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

Similar attackNVD/CVE Database

Original source: https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 92%