Technology & Security

Your Organization Needs Active, Engaged Security

Getting an email that something occurred is already too late.

This week Google’s Threat Intelligence Group confirmed the first zero-day exploit likely built by an AI model. Not assisted by one — built by one. It was days away from a mass exploitation campaign. They caught it. This time.

There’s an Android backdoor called PROMPTSPY that uses Google’s Gemini API as its real-time brain. It watches your screen, decides what to tap, captures your PIN, and blocks uninstallation with an invisible overlay. No human on the other end making those calls. When defenders identify its infrastructure, it rotates and keeps going.

The attack side is no longer waiting for a human in the loop. It’s operating and adapting in real time.

BUT HERE’S WHAT I DON’T WANT US TO MISS

The defenders are doing the same thing — and that matters.

Anthropic’s Project Glasswing used AI to find a 27-year-old vulnerability in OpenBSD and a 16-year-old flaw in FFmpeg that automated tools had passed over five million times. Google caught the AI-built zero-day before it detonated. PROMPTSPY was identified and removed from the Play Store.

The Good News

These aren’t small wins. They’re proof that proactive, AI-assisted defense works. The tools exist. The capability is real. The question is whether organizations are positioned to use them — or still waiting for the alert.

THE REAL PROBLEM

Most organizations are still structured around reaction. Alert fires, team responds. Email arrives, someone investigates. That model is being outpaced — fast.

The problem isn’t that the tools don’t exist. It’s that most organizations are still structured around reaction. The same AI being weaponized by adversaries is available to defenders — but only if you’re actively engaged, not waiting for the notification.

WHAT THIS MEANS FOR YOUR ORGANIZATION

Security needs to be continuous, not periodic. It needs to be a posture, not a checklist. And leadership needs to treat it as a priority before something happens — not after the email arrives explaining what did.

I’m not a security researcher. I manage web infrastructure. I don’t always have the answers. But I’m connected, I’m watching, and I’m engaged to be part of the fight — and I think that posture is exactly what every IT professional and every leadership team needs to be asking of themselves right now.

The question isn’t whether AI is changing the threat landscape. It already has.
The question is whether your security posture changed with it.

Sources

Google GTIG AI Threat Tracker, May 11 2026 · Anthropic Project Glasswing, April 2026 · ESET PromptSpy Research, February 2026