Google Threat Intel — LLM-Generated Morphing Malware and Automated Vulnerability Discovery

AI relevance: Google's threat intelligence team has published a catalog of how LLMs are being weaponized by real attackers — from morphing malware that rewrites itself per infection, to automated discovery of logical code flaws that are invisible to conventional fuzzing, directly impacting how AI security teams must defend deployed systems.

• Google's Threat Intelligence team reported that attackers used an LLM to identify a previously unknown vulnerability in a widely used web administration tool, planning industrial-scale exploitation before the attack was discovered and thwarted.
• Morphing malware: LLMs can generate programs with built-in mutation engines that rewrite their own decryption routines, swap semantically equivalent commands, and insert non-functional subroutines on each replication — evading signature-based antivirus while preserving malicious payloads.
• Logical flaw discovery: Unlike traditional security scanners that match known patterns or fuzz randomly, LLMs can reason about code intent and identify logical vulnerabilities invisible to automated tools — a capability that previously required focused human expert review.
• AI-powered obfuscation networks: Threat actors use AI tools to direct malicious traffic through multiple compromised intermediary servers while avoiding traffic patterns that would trigger standard security monitors.
• Insecure AI infrastructure as a target: Attackers increasingly target AI tools, models, and accessory software as initial-access entry points into networks, using compromised AI components as a foothold for lateral movement, ransomware, and data theft.
• Context: UK's AISI reported that Claude Mythos Preview and GPT-5.5 can reliably execute attacks expected to take humans 3+ hours, with token-limit increases extending that window further. Separately, the Calif research team used Claude Mythos Preview to achieve first public kernel memory corruption against macOS.
• Cloudflare's research confirms Claude Mythos Preview represents a "clear advance" for both offensive and defensive security capabilities.

Why it matters

The widening gap between LLM vulnerability-discovery capability and traditional patching timelines creates a structural advantage for attackers. When models can find logical flaws that fuzzers miss and generate polymorphic malware that evades signature detection, the economics of both attack and defense shift. AI security teams can no longer assume that conventional scanning and patch cadence will stay ahead of adversarial AI use.

What to do

• Shift from signature-only detection to behavioral and anomaly-based monitoring — morphing malware will evade static signatures by design.
• Accelerate patch timelines for AI-facing infrastructure; attackers with LLM assistance may identify and exploit bugs faster than traditional cadences allow.
• Apply human expert code review to security-critical logic paths that automated tools miss — LLM-assisted attackers are already doing this.
• Isolate AI tooling and model-serving infrastructure from core networks; treat AI systems as high-value initial-access targets.

Sources:

• Deep Learning AI — Google Study: LLM-Generated Malware Getting Harder to Track
• Google Cloud Blog — AI Vulnerability Exploitation and Initial Access
• UK AISI — How Fast Is Autonomous AI Cyber Capability Advancing
• Calif Research — First Public Kernel Memory Corruption via Mythos