·HSK 5

report
bàogào
报告
to show / to reveal
xiǎnshì
显示
，
hackers
hēikè
黑客
increasingly / more and more
yuèlái yuè duo
越来越多
to leverage / to make use of
jizhù
借助
AI (artificial intelligence)
AI
AI
to launch / to carry out
fādòng
发动
cyberattacks
wanglùo gongjí
网络攻击
。

Google-owned / under Google

Guge qíxià

谷歌旗下

cybersecurity

wanglùo anquán

网络安全

company

gongsì

公司

Mandiant (cybersecurity company)

Mandiant

to release / to publish

fabù

发布

2026 annual

2026 niándù

2026年度

threat

weīxié

威胁

report

bàogào

报告

，

to point out

zhichu

指出

hackers

hēikè

黑客

are (progressive)

zhèngzài

正在

(introducing object)

jiāng

将

artificial intelligence

réngong zhìnéng

人工智能

to integrate

zhènghé

整合

into

jìn

进

attack

gongjí

攻击

process / workflow

liúchéng

流程

。

report

bàogào

报告

also / furthermore

hái

还

to find / to discover

faxiàn

发现

，

from

cóng

从

vulnerability

lòudòng

漏洞

disclosure / publication

pilu

披露

dào

到

to suffer / to be subject to

zaoshòu

遭受

attack

gongjí

攻击

(modifier particle)

的

time window

shíjian chuangkou

时间窗口

has significantly shortened

yǐ dàfú suoduan

已大幅缩短

。

May 5, 2026 at 10:20 AM

Google-owned / under Google

Guge qíxià

谷歌旗下

cybersecurity company

wanglùo anquán gongsì

网络安全公司

Mandiant (cybersecurity company)

Mandiant

recently / in recent days

jìnrì

近日

released / published

fabùle

发布了

2026

2026 nián

2026年

annual edition

dù

度

cyber threat

wanglùo weīxié

网络威胁

report

bàogào

报告

M-Trends (Mandiant threat report series)

M-Trends

。

report

bàogào

报告

to point out

zhichu

指出

，

whether it is

wúlùn shì

无论是

nation-state

guójiā

国家

state-sponsored

zhichí de

支持的

hackers

hēikè

黑客

háishi

还是

financially motivated

yǐ móulì wéi mùdì de

以牟利为目的的

attackers

gongjízhě

攻击者

，

are all

jun zài

均在

(introducing object)

jiāng

将

large language models

dàxíng yuyán móxíng

大型语言模型

to integrate

zhènghé

整合

into

jìn

进

attack

gongjí

攻击

chain / pipeline

liànlù

链路

。

report

bàogào

报告

shows / reveals

xiǎnshì

显示

，

28.3 percent

28.3%

(modifier particle)

的

known / disclosed

yǐzhi

已知

vulnerabilities

lòudòng

漏洞

within

zài

在

after disclosure

pilù hòu

披露后

within 24 hours

24 xiaoshí nèi

24小时内

are immediately subjected to

jí zao

即遭

exploitation

lìyòng

利用

。

hackers

hēikè

黑客

increasingly

yuèlái yuè duo

越来越多

to leverage

jizhù

借助

AI (artificial intelligence)

to carry out

kaizhǎn

开展

highly targeted

gaodù zhenzuìxìng de

高度针对性的

social engineering

shèhuì gonchéngxué

社会工程学

attacks

gongjí

攻击

，

going beyond

chaoyuè

超越

traditional

chuántong

传统

mass / bulk

piliàng

批量

phishing emails

diàoyú yóujiàn

钓鱼邮件

。

report

bàogào

报告

also

hái

还

documented / recorded

jìlùle

记录了

one

yì qi

一起

supply chain

gongying liàn

供应链

breach / intrusion

rùqin

入侵

case / example

ànlì

案例

：

hackers

hēikè

黑客

zài

在

compromised

bèi rùqin de

被入侵的

devices

shèbèi shàng

设备上

to exploit / to use

lìyòng

利用

AI (artificial intelligence)

tools

gongjù

工具

to steal

qiète

窃取

developer

kaifazhě

开发者

access tokens

fǎngwèn lìngpái

访问令牌

。

ransomware

lèsuǒ ruanjian

勒索软件

attackers

gongjízhě

攻击者

on the other hand / moreover

zé

则

began

kaishi

开始

systematically

xìtongxìng de

系统性地

to destroy / to sabotage

pòhuài

破坏

the victim

shòuhài zhě

受害者

(modifier particle)

的

backup systems

bèifèn

备份

and

hé

和

recovery

huifù

恢复

infrastructure

jichú shèshi

基础设施

，

to force / to compel

pòshi

迫使

them (formal)

qí

其

to pay a ransom

zhifù shùjin

支付赎金

。

Mandiant (cybersecurity company)

Mandiant

to emphasize

qiangdiào

强调

，

although / even though

jingguan

尽管

AI (artificial intelligence)

has become

yǐ chéngwéi

已成为

attack-related

gongjí de

攻击的

accelerator

jiasùqì

加速器

，

the majority

dàduoshù

大多数

successful

chénggong de

成功的

breaches / intrusions

rùqin

入侵

still stem from

réng yuányú

仍源于

human

rénwéi

人为

and

hé

和

systemic

xìtongxìng

系统性

(modifier particle)

的

vulnerabilities / gaps

lòudòng

漏洞

。

New Words

wǎngluò gōngjī

网络攻击

cyberattack

hēikè

黑客

hacker

jièzhù

借助

to leverage / to make use of

lòudòng

漏洞

vulnerability / gap

lìyòng

利用

to exploit / to use

shèhuì gōngchéngxué

社会工程学

social engineering

diàoyú yóujiàn

钓鱼邮件

phishing email

gōngyìng liàn

供应链

supply chain

lèsuǒ ruǎnjiàn

勒索软件

ransomware

pòhuài

破坏

to destroy / to sabotage

bèifèn

备份

backup

lòudòng

漏洞

vulnerability

News in English

Science & Technology

Mandiant Report Reveals Hackers Are Increasingly Using AI to Launch Cyberattacks

Google-owned cybersecurity firm Mandiant released its 2026 threat report, finding that hackers are integrating AI into their attack workflows. The report also found that the time window between vulnerability disclosure and exploitation has significantly shortened.

A report released by Google-owned cybersecurity company Mandiant shows that hackers are increasingly leveraging AI to launch cyberattacks. The 2026 M-Trends report indicates that both state-sponsored and financially motivated attackers are integrating large language models into their attack chains.

The report reveals that 28.3% of known vulnerabilities are exploited within 24 hours of disclosure. Hackers are increasingly using AI to conduct highly targeted social engineering attacks, going beyond traditional mass phishing emails.

The report documented a supply chain breach case where hackers used AI tools on compromised devices to steal developer access tokens. Ransomware attackers have begun systematically destroying victims' backup and recovery infrastructure, forcing them to pay ransoms.

Mandiant emphasizes that although AI has become an accelerator for attacks, the majority of successful breaches still stem from human error and systemic vulnerabilities. The report highlights the importance of addressing fundamental security gaps and human factors in cybersecurity defense.

New Words

News in English

Mandiant Report Reveals Hackers Are Increasingly Using AI to Launch Cyberattacks

More in Science & Technology

Apple (company)
Píngguǒ
苹果
with / and
yǔ
与
Intel (chip company)
Yīngtèěr
英特尔
to reach / to conclude (a deal)
dáchéng
达成
chip
xīnpiàn
芯片
contract manufacturing
dàigōng
代工
agreement
xiéyì
协议
。

OpenAI (AI company)
OpenAI
OpenAI
to consider
kǎolǜ
考虑
will / to
jiāng
将
to go public / IPO
shàngshì
上市
to postpone / to delay
tuīchí
推迟
until / to
zhì
至
the year 2027
2027 nián
2027年
。

Alibaba
Ālǐbābā
阿里巴巴
Qwen
tōngyì
通义
Qwen
qiānwèn
千问
App
yìngyòng
应用
opens
kāifàng
开放
third-party
dì sān fāng
第三方
agent
zhìnéng tǐ
智能体
integration
jiērù
接入
。

reportbàogào报告to show / to revealxiǎnshì显示，hackershēikè黑客increasingly / more and moreyuèlái yuè duo越来越多to leverage / to make use ofjizhù借助AI (artificial intelligence)AIAIto launch / to carry outfādòng发动cyberattackswanglùo gongjí网络攻击。

New Words

News in English

Mandiant Report Reveals Hackers Are Increasingly Using AI to Launch Cyberattacks

More in Science & Technology

Apple (company)Píngguǒ苹果with / andyǔ与Intel (chip company)Yīngtèěr英特尔to reach / to conclude (a deal)dáchéng达成chipxīnpiàn芯片contract manufacturingdàigōng代工agreementxiéyì协议。

OpenAI (AI company)OpenAIOpenAIto considerkǎolǜ考虑will / tojiāng将to go public / IPOshàngshì上市to postpone / to delaytuīchí推迟until / tozhì至the year 20272027 nián2027年。

AlibabaĀlǐbābā阿里巴巴Qwentōngyì通义Qwenqiānwèn千问Appyìngyòng应用openskāifàng开放third-partydì sān fāng第三方agentzhìnéng tǐ智能体integrationjiērù接入。

Apple (company)
Píngguǒ
苹果
with / and
yǔ
与
Intel (chip company)
Yīngtèěr
英特尔
to reach / to conclude (a deal)
dáchéng
达成
chip
xīnpiàn
芯片
contract manufacturing
dàigōng
代工
agreement
xiéyì
协议
。

OpenAI (AI company)
OpenAI
OpenAI
to consider
kǎolǜ
考虑
will / to
jiāng
将
to go public / IPO
shàngshì
上市
to postpone / to delay
tuīchí
推迟
until / to
zhì
至
the year 2027
2027 nián
2027年
。

Alibaba
Ālǐbābā
阿里巴巴
Qwen
tōngyì
通义
Qwen
qiānwèn
千问
App
yìngyòng
应用
opens
kāifàng
开放
third-party
dì sān fāng
第三方
agent
zhìnéng tǐ
智能体
integration
jiērù
接入
。