惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
Recent Commits to openclaw:main
Recent Commits to openclaw:main
D
Docker
博客园 - 司徒正美
MyScale Blog
MyScale Blog
S
SegmentFault 最新的问题
A
About on SuperTechFans
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Blog — PlanetScale
Blog — PlanetScale
N
Netflix TechBlog - Medium
Google DeepMind News
Google DeepMind News
博客园 - 聂微东
The Register - Security
The Register - Security
P
Proofpoint News Feed
U
Unit 42
J
Java Code Geeks
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
T
The Blog of Author Tim Ferriss
Martin Fowler
Martin Fowler
H
Help Net Security
博客园 - Franky
博客园 - 【当耐特】
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
L
LangChain Blog
Vercel News
Vercel News
美团技术团队
Last Week in AI
Last Week in AI
WordPress大学
WordPress大学
B
Blog RSS Feed
The Last Watchdog
The Last Watchdog
Help Net Security
Help Net Security
Webroot Blog
Webroot Blog
PCI Perspectives
PCI Perspectives
S
Security Affairs
S
Secure Thoughts
Apple Machine Learning Research
Apple Machine Learning Research
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Microsoft Azure Blog
Microsoft Azure Blog
T
Troy Hunt's Blog
小众软件
小众软件
Stack Overflow Blog
Stack Overflow Blog
F
Full Disclosure
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
大猫的无限游戏
大猫的无限游戏
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Hacker News: Ask HN
Hacker News: Ask HN
G
Google Developers Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
D
DataBreaches.Net

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
AI-powered cyberattack kits are 'just a matter of time'
Connor Jones Connor Jones · 2026-01-24 · via The Register - Security: CSO

CSO

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years

CISOs must prepare for "a really different world" where cybercriminals can reliably automate cyberattacks at scale, according to a senior Googler.

Heather Adkins, veep of security engineering at the ad and cloud giant, said it probably won't be for a few years to come, but cybercriminals are already using AI to enhance small parts of their workflows, and it won't be long before a full, end-to-end toolkit is developed.

In a conversation held on the Google Cloud Security podcast, Adkins pointed out that crooks are already using AI for small tasks - grammar, spell-checking phishing copy and other productivity enhancements.

"It's just a matter of time before somebody puts all of these things together, end-to-end," she said. "And what I fear the most is somebody developing the capability to prompt a model to hack any company, and the model being able to come back in a week with a root prompt. If that ends up happening, I think it'll be a slow ramp over the next six to 18 months.

"We're also seeing defense pick up the same tools and use them for the same purposes, so it may not feel as shocking. Of course, things could go very differently, but these are the things that should be on everyone's mind and we should be getting ready for a really different world."

Google Threat Intelligence Group (GTIG) published an overview of the most recent developments in how attackers are experimenting with AI, noting that malware families are already using LLMs to generate commands in order to steal victim data.

Sandra Joyce, VP at GTIG, added that China, Iran, and North Korea are all abusing AI tools to aid different stages of their respective attacks. These include initial network reconnaissance and C2 development, as well as the aforementioned phishing copy and data-stealing commands.

The fear among senior Googlers is that these small components will be chained together and provide similar functionality to today's exploit kits.

Anton Chuvakin, security advisor at Google's office of the CISO, said: "To me, the more serious threat isn't the APT, it's the Metasploit moment [when exploit frameworks became easily accessible 20 years ago]. I worry about the democratization of threats."

Exploit kits such as Metasploit and Cobalt Strike started out as legitimate pentesting tools, but cracked versions soon made their way into attackers' hands, making their post-compromise lives significantly easier. Experts fear a similar end once AI-powered toolkits are acquired by the wrong people.

For Adkins, a worst-case scenario of an AI-enabled attack could look something like a Morris worm-type event that spreads an autonomously executing ransomware toolkit, encrypting computers en masse, for example.

"Or it could look something like the Conficker worm that didn't really do anything, but everybody still panicked and wrote thousand-page government reports on it," she added.

"Maybe an altruistic person unleashes it on the world and it patches a bunch of bugs. It really just depends on who puts the pieces together, and their motives."

As for now, LLMs are still struggling with the basics. From discerning right from wrong, to more technical wrinkles like being unable to switch from strange thought paths when looking for vulnerabilities, AI requires some progress before we see the best or worst of it.

However, when or if that day comes, attackers may gain an even greater first-mover advantage over defenders. When criminals can prompt an AI tool to compromise a given organization, leaving the victim little time to respond, that could force the good guys to redefine success in the post-AI era.

Post-AI cyber success may not be measured by whether an attacker breaks into a network, but by how long they are inside, and by how little damage they can cause.

Adkins said that in a cloud context, AI-enabled defenses should simply turn off an instance if it detects malicious activity, but implementing these systems will have to be done carefully so as not to cause problems.

"We're going to have to put these intelligent reasoning systems behind real-time decision-making and disrupt decision-making on the ground, without causing reliability problems," she said. "Maybe you need human approval. Or you shut down one instance and turn up another one.

"There are options other than just the on/off switch, but we have to start reasoning about real-time disruption capabilities or degradation, and use the whole information operations playbook to change the battlefield to confuse AI attackers. Particularly because they're stumbling around in the dark a little bit and may be less resilient than human attackers." ®