The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers
September 15, 2025
Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack. The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world. Kering, the parent company of the luxury brands, has confirmed the breach and says ...
- Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
September 15, 2025
In this article, Kaspersky researchers explore how the Model Context Protocol (MCP) — the new “plug-in bus” for AI assistants — can be weaponized as a supply chain foothold. The researchers start with a primer on MCP, map out protocol-level and supply chain attack paths, then walk through a hands-on proof of concept: a seemingly legitimate ...
- Another massive DDoS attack that reached 1.5 Bpps has been thwarted
September 13, 2025
A distributed denial-of-service attack targeting a DDoS mitigation vendor somewhere in Western Europe has been spotted and mitigated by FastNetMon. The firm says the attack peaked at a massive 1.5 billion packets per second, making it one of the largest packet-rate floods confirmed to date. FastNetMon says that the traffic was mainly a UDP flood sourced ...
- FBI: Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion
September 12, 2025
The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 and UNC6395, responsible for a rising number of data theft and extortion intrusions. Both groups have recently been observed targeting organizations’ Salesforce platforms via different initial access mechanisms. The ...
- Vietnam Investigates Hackers Targeting National Credit Database Exposing Sensitive Financial Data
September 12, 2025
Vietnam is investigating a serious cyberattack on a large database that contains information about creditors across the country. The database belongs to the National Credit Information Center, also known as CIC. This center is managed by the State Bank of Vietnam and is responsible for storing highly sensitive financial data. The information inside the database includes ...
- Israel: Dozens of actors fall victim to Iranian phishing attack
September 12, 2025
Dozens of Israeli actors have fallen victim to a phishing attack believed to originate from Iranian sources. According to a statement from the National Cyber Directorate, the actors were asked to submit filmed auditions and sensitive personal information—including photos of ID cards and passports—after receiving emails posing as a casting call for a new film by ...