The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A major security flaw in top eSIM system could put billions of devices at risk
July 14, 2025
Security researchers have discovered a vulnerability in eSIM technology used in virtually all smartphones and many other internet-connected, smart devices. In theory, the flaw could have been abused to intercept or manipulate communications, extract sensitive data, inject malicious applets, and more. There are more than two billion eSIM-enabled devices that could be potentially impacted by this ...
- CNN, BBC, and CNBC websites impersonated to scam people
July 14, 2025
Researchers have uncovered a large campaign impersonating news websites, such as those from CNN, BBC, CNBC, News24, and ABC News, to promote investment scams. Adding a well known brand to your scammy site is a tale as old as time, and gives it an air of legitimacy that increases the likelihood that people will click ...
- Medicare data breach exposes personal details of 100,000 Americans
July 12, 2025
Healthcare data continues to be a top target for cybercriminals. In June alone, two major breaches compromised over 13 million patient records. Now, a newly confirmed Medicare data breach has affected more than 100,000 Americans. The Centers for Medicare & Medicaid Services (CMS) sent letters this week to those affected, confirming that hackers accessed sensitive data ...
- Pro basketball player and 4 youths arrested in connection to ransomware crimes
July 10, 2025
Authorities in Europe have detained five people, including a former Russian professional basketball player, in connection with crime syndicates responsible for ransomware attacks. Until recently, one of the suspects, Daniil Kasatkin, played for MBA Moscow, a basketball team that’s part of the VTB United League, which includes teams from Russia and other Eastern European countries. Kasatkin ...
- UK: Arrests made after M&S, Co-op and Harrods cyber attacks
July 10, 2025
Four people, including three teenagers and a 20-year-old woman, have been arrested in connection with a wave of cyber attacks that crippled M&S, the Co-op and Harrods. The group allegedly unleashed ransomware that stole millions of customer records, shut down online orders and left supermarket shelves bare. The arrests included a 17-year-old British man from the ...
- GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
July 8, 2025
Unit 42 researchers uncovered a campaign by an initial access broker (IAB) to exploit leaked Machine Keys — cryptographic keys used on ASP.NET sites — to gain access to targeted organizations. IABs breach organizations and then sell that access to other threat actors. This report analyzes the tools used in these attacks. Palo Alto track this ...