The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CrowdStrike fires ‘suspicious insider’ who passed information to hackers
November 21, 2025
Cybersecurity giant CrowdStrike has confirmed firing a “suspicious insider” last month who allegedly fed information about the company to a notorious hacking group. A hacking collective known as Scattered Lapsus$ Hunters published screenshots late Thursday and Friday morning in a public Telegram channel that allegedly showed insider access to CrowdStrike systems. The screenshots, which TechCrunch has ...
- Google says hackers stole data from 200 companies following Gainsight breach
November 21, 2025
Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers’ Salesforce data” — without naming affected companies — that was stolen via apps published by Gainsight, which provides a customer support platform to other companies. Read more… Source: ...
- Logitech Confirms Data Breach After Cl0p, Linked to Oracle E-Business Suite Exploits, Takes Responsibility
November 20, 2025
Hardware and software solutions company Logitech has disclosed a data breach that exposed employee, customer, and supplier information. “Logitech International S.A. (“Logitech”) recently experienced a cybersecurity incident relating to the exfiltration of data,” the company stated. Read more… Source: CPO Magazine News Sign up for the Cyber Security Review Newsletter The latest cyber security news and insights delivered right to ...
- US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks
November 19, 2025
The governments of the United States, United Kingdom, and Australia have sanctioned a Russian “bulletproof” web hosting company and several of its related firms for allegedly being used to launch ransomware attacks against U.S. victims and critical infrastructure. In a statement Wednesday, the U.S. Treasury said it imposed coordinated sanctions on the Russia-based web host ...
- Understanding the future of offensive AI in cybersecurity
November 19, 2025
As we step into an era where artificial intelligence (AI) plays an increasingly significant role in cybersecurity, discussions surrounding its offensive capabilities are becoming more prominent. A recent report by Anthropic—a leading AI research lab—has sparked the latest conversation on this topic, with questions raised about their claim that an AI-assisted attack they observed was ...
- IT threat evolution in Q3 2025. Mobile statistics
November 19, 2025
According to Kaspersky Security Network, in Q3 2025, 47 million attacks utilizing malware, adware, or unwanted mobile software were prevented. Trojans were the most widespread threat among mobile malware, encountered by 15.78% of all attacked users of Kaspersky solutions. More than 197,000 malicious installation packages were discovered, including, 52,723 associated with mobile banking Trojans,1564 packages identified ...