One of the first things everyone predicted when artificial intelligence (AI) became more commonplace was that it would assist cybercriminals in making their phishing campaigns more effective.
Now, researchers have conducted a scientific study into the effectiveness of AI supported spear phishing, and the results line up with everyone’s expectations: AI is making it easier to do crimes. The study, titled Evaluating Large Language Models’ (LLMs) Capability to Launch Fully Automated Spear Phishing Campaigns.
Read more…
Source: Malwarebytes Labs
Related:
- Data of 72 million Under Armour customers appears on the dark web
January 22, 2026
When reports first emerged in November 2025 that sportswear giant Under Armour had been hit by the Everest ransomware group, the story sounded depressingly familiar: a big brand, a huge trove of data, and a lot of unanswered questions. Since then, the narrative around what actually happened has split into two competing versions—cautious corporate statements on ...
- Peruvian Peaks: The digital loan illusion
January 21, 2026
Crossing the Andes, we found ourselves in the digital valleys of Peru, where a new variation of the loan scam awaited us. Much like the schemes in Brazil, these operations played on hope and desperation, luring victims with promises of financial relief. The setup was so convincing that it seemed like help was just within ...
- From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers
January 19, 2026
On December 8, 2025, Koi.ai published their findings about a campaign specifically targeting software developers through weaponized Visual Studio Code extensions. Here, Trend Micro will provide a more in-depth analysis of the multistage delivery of the Evelyn information stealer. Evelyn implements multiple anti-analysis techniques to evade detection in research and sandbox environments. It collects system information ...
- StealC malware control panels could give experts the tools they need to spy on hackers
January 19, 2026
Cybersecurity researchers have managed to break into the web-based control panel for the StealC infostealer and gain valuable information on how the malware operates, and who both the attackers and the victims are. StealC is an immensely popular infostealer malware which first emerged a couple of years ago, and has since become one of the staples ...
- Firefox joins Chrome and Edge as sleeper extensions spy on users
January 19, 2026
A group of cybercriminals called DarkSpectre is believed to be behind three campaigns spread by malicious browser extensions: ShadyPanda, GhostPoster, and Zoom Stealer. Malwarebytes Labs wrote about the ShadyPanda campaign in December 2025, warning users that extensions which had behaved normally for years suddenly went rogue. After a malicious update, these extensions were able to track ...
- Canadian Investment Regulatory Organization data breach reveals info on 750,000 investors
January 19, 2026
The 2025 cyberattack at the Canadian Investment Regulatory Organization (CIRO) affected roughly 750,000 Canadians, it has now confirmed. Founded in 2023, CIRO is Canada’s national self-regulatory body that oversees investment dealers, trading activity, and market integrity. In mid-August 2025, CIRO disclosed a cyberattack and data breach, saying it was forced to shut down parts of its ...