The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ukraine state railway says online services partially restored after cyber attack
March 27, 2025
Ukraine’s state-owned railway Ukrzaliznytsia, the country’s largest carrier, has partially restored online services after a large-scale cyber attack hit passenger and freight transport systems, the company said on Thursday. An outage was first reported on Sunday when the rail company notified passengers about a failure in its IT system and told them to buy tickets on ...
- Australia: Identity of hacker behind NSW court website data breach unknown
March 26, 2025
Authorities say they do not know who is behind a data breach at the NSW Department of Communities and Justice (DCJ) in which thousands of sensitive files were accessed. NSW government officials confirmed about 9,000 sensitive court files, including domestic violence orders and affidavits, were accessed from the NSW Online Reigstry last week. Attorney-General Michael Daley ...
- UK supermarket Morrisons’ sales growth slows after cyber attack
March 26, 2025
British supermarket group Morrisons’ sales growth slowed in its first quarter, reflecting a previously flagged cyber attack at its technology provider which disrupted its operations. The UK’s fifth largest grocer, which has been owned by U.S. private equity firm Clayton, Dubilier & Rice since 2021, said on Wednesday its like-for-like sales rose 2.1% in its quarter ...
- Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
March 25, 2025
In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious ...
- KLIA operations not affected after Malaysian airport hit by cyber attack
March 25, 2025
Operations at the Kuala Lumpur International Airport (KLIA) were not affected by a cyber attack by hackers who demanded US$10 million (S$13.4 million). In a joint statement on March 25, the National Cyber Security Agency (Nacsa) and Malaysia Airports Holdings Berhad (MAHB) said they detected a cyber-security threat affecting certain computer systems at KLIA on March ...
- MoDiRAT Malware Uses Horus Protector to Target France
March 25, 2025
The SonicWall Capture Labs threat research team has identified a new development in the Horus Protector distributed infection chain. Recently, it has been targeting the French region with MoDiRAT, a malware notorious for stealing credit card and other victim information. During the infection process, it deploys the DarkCloud stealer; however, before exiting, the loader verifies if ...