The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed
September 9, 2025
In August 2025, Trend Micro investigated a new ransomware campaign orchestrated by The Gentlemen, an emerging and previously undocumented threat group. This threat actor quickly established itself within the threat landscape by demonstrating advanced capabilities through their systematic compromise of enterprise environments. By adapting their tools mid-campaign—shifting from generic anti-AV utilities to highly targeted, specific variants—the ...
- U.S. State Department offers up to $11 Million reward for Information about ransomware administrator charged with cybercrimes for deploying “Lockergoga,” “Nefilim,” and “Megacortex”
September 9, 2025
BROOKLYN, NY – Earlier today, a superseding indictment was unsealed charging Volodymyr Tymoshchuk, also known as “deadforz,” “Boba,” “msfv,” and “farnetwork,” a Ukrainian national, for his role in international ransomware schemes. Tymoshchuk is not in U.S. custody. Joseph Nocella, Jr., United States Attorney for the Eastern District of New York; Matthew R. Galeotti, Acting Assistant Attorney ...
- UK: Jeremy Clarkson’s Cotswolds pub targeted in cyber attack
September 7, 2025
Jeremy Clarkson’s pub has become the latest victim of cyber-criminals who managed to steal £27,000 from the establishment. The Farmer’s Dog fell prey to hackers who employed sophisticated methods to infiltrate the accounts of the Cotswolds venue during a recent digital assault. The criminals made off with the substantial sum in an attack reminiscent of those ...
- The growing debate over expanding age verification laws
September 6, 2025
Technologists and policymakers are reckoning with a generation-defining problem on the internet: while it can be a revolutionary force for unprecedented education and connection across the globe, it can also pose dangers to children when they have completely unfettered access. There is no simple way, however, to monitor children’s internet access without surveilling adults, paving the ...
- Columbia University data breach hits 870,000 people
September 6, 2025
Columbia University recently confirmed a major cyberattack that compromised personal, financial, and health-related information tied to students, applicants, and employees. The victims include current and former students, employees, and applicants. Notifications to affected individuals began on August 7 and are continuing on a rolling basis. Columbia, one of the oldest Ivy League universities, discovered the breach ...
- CMS Sitecore patches critical zero-day flaw
September 5, 2025
Popular CMS platform Sitecore has patched a critical zero-day vulnerability found to be being abused in cyberattacks. Security researchers from Mandiant observed threat actors exploiting a zero-day flaw to deploy malware, as well as other legitimate software. The flaw stemmed from the use of sample ASP.NET machine keys published in old deployment guides (pre-2017), and is ...