The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- The end of ransomware? Report claims the number of firms paying up is plummeting
October 28, 2025
The number of companies paying ransomware attackers for decryption keys and delete stolen files has plummeted, and now represents just 23% of all victims, new research has claims. In its report, Coveware said ransom payment rates across all impact scenarios – encryption, data exfiltration, and other extortion – fell to a “historical low” of 23% in ...
- Marks and Spencer drops Tata Consultancy Services IT service desk contract
October 28, 2025
Marks and Spencer (M&S) confirmed it has dropped its IT Service Desk partnership with Indian IT firm Tata Consultancy Services (TCS). The contract has been ended after TCS was investigated over speculation that it may be the source of the devastating cyberattack which halted systems in store and online – although the source is not yet ...
- Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
October 27, 2025
Trend Research is continuously tracking the aggressive malware campaign it identified as Water Saci, which uses WhatsApp as its primary infection vector. In our previous blog, the Water Saci campaign, with its malware identified as SORVEPOTEL, automatically distributes the same malicious ZIP file to all contacts and groups associated with the victim’s compromised account for ...
- UN Cybercrime Treaty wins dozens of signatories, to go with its many critics
October 27, 2025
The United Nations on Saturday staged a signing ceremony for the Convention against Cybercrime, the world’s first agreement to combat online crime. And while 72 nations picked up the pen, critics continue to point out the convention’s flaws. Read more… Source: The Register News Sign up for the Cyber Security Review Newsletter The latest cyber security news and insights ...
- Key Emerging Cybersecurity Threats and Challenges for 2025 and Beyond
October 27, 2025
The global threat landscape is undergoing an unprecedented transformation. Organizations are facing dizzying levels of complexity, driven by rapid technological innovation, the widespread adoption of artificial intelligence, and the expected disruptive effects of quantum computing. At the same time, shifting geopolitical dynamics, the rise of sophisticated cybercriminal networks, and the introduction of new regulatory frameworks are ...
- Ireland: Number of passengers affected by data breach not yet clear
October 26, 2025
It has not yet clear how many passengers were affected by the data breach relating to boarding passes issued for flights during August, but RTÉ News understands it may be in the hundreds of thousands. In August 3.8 million passenger journeys were made on flights through Dublin Airport. It has not been revealed yet what type ...