The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cambodia: Authorities arrest over 3,000 suspects in nationwide online scam crackdown
July 23, 2025
The Secretariat of the Commission for Combating Online Scams (CCOS) presented the results of an operation to suppress online scam activities across the Kingdom of Cambodia yesterday. After CCOS’s initial meeting on June 27 and Prime Minister Hun Manet’s strict directive on July 15, the Unified Administrative Command in all 25 capital and provincial administrations took ...
- Q2 2025 Ransomware Trends Analysis: Boom and Bust
July 22, 2025
Q2 2025 features many of the threat actors Rapid7 observed in Q1, with the top four leak site post groups quite a ways out in front of the rest. Qilin leads the pack by some distance, with SafePay and Akira in second place, and Play in third position. Lynx and INC Ransom lead the charge in ...
- #StopRansomware: Interlock
July 22, 2025
Since September 2024, Interlock ransomware actors have impacted a wide range of businesses and critical infrastructure sectors in North America and Europe. These actors are opportunistic and financially motivated in nature and employ tactics to infiltrate and disrupt the victim’s ability to provide their essential services. Interlock actors leverage a double extortion model, in which they ...
- Weak password allowed hackers to sink a 158-year-old company
July 21, 2025
One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work. KNP – a Northamptonshire transport company – is just one of tens of thousands of UK businesses that have been hit by such attacks. Big names such as M&S, Co-op ...
- Hong Kong’s PCPD launches investigation into LVHK data breach case
July 21, 2025
French luxury brand Louis Vuitton recently reported a data breach affecting nearly 420,000 customers in Hong Kong, according to a Sunday report by a local newspaper. According to Xianggang Wenweipo, Hong Kong’s Office of the Privacy Commissioner for Personal Data (PCPD) said on Saturday that it received a notification from Louis Vuitton Hong Kong (LVHK) on ...
- Ransomware gang attacking NAS devices taken down in major police operation
July 18, 2025
A 44-year-old Romanian national has been arrested during a law enforcement operation to dismantle a ransomware campaign called “Diskstation”. Diskstation usually targets Synology Network-Attached Storage (NAS) devices, often used in an enterprise environment for centralized file storage and sharing, data backup and recovery, and general content hosting. The group was first spotted in 2021, and has ...