Google Says 45% of Cloud Intrusions Steal Data Without Extortion as AI Shrinks Exploitation to Days
Updated
Updated · ZDNet · May 18
Google Says 45% of Cloud Intrusions Steal Data Without Extortion as AI Shrinks Exploitation to Days
7 articles · Updated · ZDNet · May 18
Google Cloud Security said attacks observed in the second half of 2025 moved from disclosure to mass exploitation in days rather than weeks, with AI helping attackers probe targets and weaponize flaws faster.
Third-party software has become the main entry point because major cloud platforms are harder to breach directly; Google cited attacks on React Server Components within 48 hours and an AWS theft-and-destruction chain completed in 72 hours.
Identity abuse is also rising: 21% of cases involved compromised third-party trust relationships, another 21% used stolen human or machine identities, while vishing accounted for 17% and phishing 12%.
Google said 45% of intrusions led to data theft without immediate extortion, often with long dwell times, and urged automated patching, stronger IAM with MFA, network monitoring and ready incident-response plans.
If AI finds flaws faster than we can patch, is all third-party software a ticking time bomb?
With AI shrinking attack windows to minutes, is the era of human-led cybersecurity defense over?
When AI can perfectly mimic your CEO's voice, how can anyone trust a work call again?
The 2026 Cloud Threat Landscape: AI-Accelerated Attacks, Rising Costs, and Proactive Defense Imperatives
Overview
In the first half of 2026, the cloud threat landscape has changed dramatically as malicious actors use increasingly sophisticated artificial intelligence to breach cloud environments. This shift has made cloud security more important than ever, with attackers leveraging AI to launch advanced intrusions, including hard-to-detect zero-day exploits that target unknown vulnerabilities. When these AI-driven attacks succeed against customer-facing infrastructure, they can trigger severe business consequences, such as service disruptions and data exposure. As a result, organizations must adapt quickly, as traditional defenses are being challenged by the rapid evolution of AI-powered attack methods.