The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Massive leak of over 115 million US payment cards caused by Chinese “smishing” hackers
August 10, 2025
A wave of advanced phishing campaigns, traced to Chinese-speaking cybercriminal syndicates, may have compromised up to 115 million US payment cards in just over a year, experts have warned. Researchers at SecAlliance revealed these operations represent a growing convergence of social engineering, real-time authentication bypasses, and phishing infrastructure designed to scale. Investigators have identified a figure ...
- Bouygues Telecom data breach could affect millions of customers
August 8, 2025
French telco giatn Bouygues Telecom has confirmed suffering a cyberattack in which it lost sensitive customer data. In a short announcement published on its website, the company said it detected the attack on August 4, and following an investigation, determined threat actors stole people’s contact details, contract data, civil status data (or company details), and IBAN ...
- Google says UNC6040 hackers stole some of its data following Salesforce breach
August 7, 2025
Cybercriminals known as ShinyHunters (UNC6040) recently broke into Google and stole business customer information from one of its corporate Salesforce instances, the company has confirmed. In a blog post breaking down ShinyHunters’ modus operandi, the company somewhat played down the importance of the incident, noting the miscreants didn’t really grab anything sensitive, or of particular value. Read ...
- Hacker used a voice phishing attack to steal Cisco customers’ personal information
August 5, 2025
A cybercriminal tricked a Cisco representative into granting them access to steal the personal information of Cisco.com users, the company said on Tuesday. Cisco said it discovered the breach on July 24, blaming the incident on a voice phishing or “vishing” call. The hackers accessed and exported “a subset of basic profile information” from the database ...
- Dangerous new Linux malware strikes – thousands of users see passwords, personal info stolen
August 5, 2025
A brand new Linux malware has been found infecting thousands of computers around the world, stealing people’s login credentials, payment information, and browser cookies, security researchers are warning. SentinelLabs and Beazley Security issued a joint report detailing the activities of PXA Stealer, a new Python-based infostealer for the Linux platform. It was first spotted in late ...
- Thailand-Cambodia conflict: Ceasefire fails online
August 4, 2025
Thailand and Cambodia may have reached a ceasefire to halt their border clashes, but cyber warriors are still battling online, daubing official websites with obscenities, deluging opponents with spam and taking pages down. The five-day conflict left more than 40 people dead and drove more than 300,000 from their homes. It also kicked off a disinformation ...