The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CIMB refutes claims of data breach involving 1.2 million records
March 4, 2026
CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its security teams have verified that all systems are secure and that customer data remains fully safeguarded. ...
- Europol, Microsoft, TrendAI and Collaborators Halt Tycoon 2FA Operations
March 4, 2026
Researchers from TrendAI have been tracking the infrastructure, as well as the campaigns and operator behaviors that can be linked to Tycoon 2FA to build a clearer picture of how its services was being used at scale. By November 2025, TrendAI had collected enough data to link the operation to an actor using the monikers “SaaadFridi” ...
- Hacktivists may have just cracked open ICE and exposed over 6,000 companies working with the DHS
March 3, 2026
A hacktivist group has claimed to have broken into systems belonging to the US Department of Homeland Security (DHS) and exposed sensitive files online. The group, with the self-awarded name “The Department of Peace”, stole data from the Office of Industry Partnership that contained contracts between DHS, Immigration and Customs Enforcement (ICE), and over 6,000 private ...
- Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
March 3, 2026
Large language models (LLMs) and AI agents are becoming deeply integrated into web browsers, search engines and automated content-processing pipelines. While these integrations can expand functionality, they also introduce a new and largely underexplored attack surface. One particularly concerning class of threats is indirect prompt injection (IDPI), in which adversaries embed hidden or manipulated instructions within ...
- LexisNexis hacked, 2 GB of structured data allegedly exposed
March 3, 2026
The hacker group FulcrumSec is taking responsibility for a data breach of information from LexisNexis. The group claims to have hacked into the LexisNexis servers on Feb. 24. It posted about the hack and alleged it got access to over 2 gigabytes of structured data. “We exfiltrated 2.04 GB of structured data from LexisNexis AWS infrastructure ...
- Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
March 2, 2026
Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned. Financially motivated cybercriminals are contacting citizens under the guise of Dubai Crisis Management, a fictitious department ostensibly tied to Dubai Police, in attempts to gather information that could be used in SIM-swap attacks. The ...