惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
Spread Privacy
Spread Privacy
T
The Exploit Database - CXSecurity.com
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy & Cybersecurity Law Blog
L
LINUX DO - 热门话题
T
Threat Research - Cisco Blogs
T
Tenable Blog
TaoSecurity Blog
TaoSecurity Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
AI
AI
P
Proofpoint News Feed
A
About on SuperTechFans
P
Privacy International News Feed
月光博客
月光博客
雷峰网
雷峰网
S
Secure Thoughts
博客园 - 叶小钗
博客园 - 聂微东
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Project Zero
Project Zero
The Cloudflare Blog
SecWiki News
SecWiki News
The Hacker News
The Hacker News
V
Vulnerabilities – Threatpost
罗磊的独立博客
A
Arctic Wolf
阮一峰的网络日志
阮一峰的网络日志
Know Your Adversary
Know Your Adversary
酷 壳 – CoolShell
酷 壳 – CoolShell
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Troy Hunt's Blog
The Last Watchdog
The Last Watchdog
Schneier on Security
Schneier on Security
小众软件
小众软件
有赞技术团队
有赞技术团队
博客园 - 司徒正美
T
Tailwind CSS Blog
量子位
C
Cybersecurity and Infrastructure Security Agency CISA
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Hugging Face - Blog
Hugging Face - Blog
人人都是产品经理
人人都是产品经理
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
S
Security @ Cisco Blogs
大猫的无限游戏
大猫的无限游戏
S
SegmentFault 最新的问题
Apple Machine Learning Research
Apple Machine Learning Research
宝玉的分享
宝玉的分享
L
Lohrmann on Cybersecurity

Cyber Daily News

Exclusive: Aussie car part importer Strategic Imports allegedly breached by threat actors New South Wales, other states, investigating Instructure/Canvas data breach Australian Cyber Security Centre warns of ClickFix campaign leveraging Australian infrastructure OpenAI partners with PwC to assist CFOs with AI agents Queensland Department of Education confirms students & staff impacted by ShinyHunters data breach ACMA takes action against SpinTel & Yomojo over mobile number fraud violations The Industry Speaks, Part 1: World Password Day 2026 Qualys and Converge tie cyber insurance pricing to real-time security posture Fakeout: Iranian APT caught hiding behind Chaos ransomware activity Exclusive: Australian energy management firm allegedly breached by SafePay APRA warns of cyber and governance risk due to lagging AI risk management Op-Ed: Australia’s next budget must treat cyber resilience as essential infrastructure Real estate giant Cushman & Wakefield confirms cyber incident, Qilin and ShinyHunters claim attack CrowdStrike expands Project QuiltWorks as more partners join AI security coalition Hacked: ALS discloses cyber incident, unauthorised access to IT systems Microsoft the main target of AI phishing attacks, report uncovers Attackers increasingly turning to trusted security tools to compromise Aussie victims Exclusive: Champion Homes confirms customer data compromised in “cyber event” Australia, Japan commit to partnership to meet cyber security challenges & strengthen cyber defences NSW Treasury cyber incident contained, impact no longer ‘significant’ Report: AI-based data incidents on the rise in Australia WA rental scam surge: Tenants targeted with fake $500 discount trap Aussie Information Commissioner launches Privacy Awareness Week 2026 Unregistered branded text messages to be labelled ‘Unverified’ from 1 July US Federal Reserve outlines AI's influence on the finance sector Exclusive: Major Australian jewellery brand confirms cyber incident Australian government establishes new Cyber Incident Review Board Watch this! Komari server monitor tool abused by hackers Act Now! ACSC warns of active exploitation of cPanel & WHM critical vulnerability Exclusive: Kiwi electrical contractor confirms cyber attack Over 1 in 2 firms have AI privacy concerns: Intuit Exclusive: Prime Properties listed as breach victim by M3rx ransomware Anthropic launches dedicated Claude Security platform to public beta DigiCert launches AI Trust architecture to secure agents, models, and content ‘Rebuilding the enterprise’: How CEOs are preparing for automation Op-Ed: Redefining performance in the AI-powered SOC Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment NZ council cyber attack leads to ID and financial data being exposed ‘Building confidence’: The key to effective AI implementation Vect unveiled: Inside an emerging ransomware group’s affiliate network Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims US Department of War launches cyber-focused apprenticeship program CrowdStrike launches Project QuiltWorks to tackle skyrocketing AI-discovered vulnerabilities Australian government stands up new ‘tripartite forum’ to tackle AI challenges in the workforce Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce Report: Aussie small businesses doing it tough as job scams double, losses rise Cyber attacks on medical devices pose ‘significant’ impact on real-life patient care Twisted Firestarter! Aussie, US, and UK cyber agencies warn of Cisco malware campaign Generation Life informs customers of “cyber incident” as owner shares incident with ASX CBA launches new scam-finding AI agent Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations ANZ appoints its first chief AI officer Westpac appoints Chief AI Innovation Officer as part of technology push ADF strengthens skills as Cyber Command marks 2 years of operation Sri Lankan government hack sees $3.7m destined for Australia stolen Outsiders are already accessing Anthropic’s new AI model, but is Claude Mythos really that powerful? CrowdStrike extends cloud threat detection to Google Cloud Hey big spender! Microsoft to invest $25bn in Australian AI infrastructure AI adoption highest for finance and property SMEs, says NAB Genetec marks Sydney milestone with visit by high commissioner of Canada to Australia Rental platform under fire for collecting excessive personal data Exclusive: SA genealogical research firm confirms cyber incident following SafePay ransom claims Q&A: Quantum cryptography will be a “Y2k times 10 problem,” says DigiCert CEO PentenAmio announces acquisition of Armour Communications Exclusive: Aussie passports compromised in alleged Favelle Favco data breach Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says Treasury staffer charged for NSW government data breach Op-Ed: AI won’t patch the holes in your SOC AI is helping young investors get into the property market Australia’s financial regulators are keeping a close eye on Mythos Game on! More than a third of FIFA World Cup 2026 partners expose Aussies to email fraud risk Dark web markets: A complete Aussie identity costs as little as $200 Your next car may be designed by AI Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group Report: Data collection by school-backed apps in Australia is out of control and a risk to kids Kinetic IT appoints Kishore Jayaram in new chief transformation officer role Anthropic launches Claude Opus 4.7 as researchers reveal fake Claude installer spreading malware Australian Federal Court embraces AI in new practice note FOI docs reveal information commissioner’s concerns over Age Assurance Technology Trial Mortgage fraud now harder to detect thanks to AI McGraw Hill confirms ShinyHunters breach, won’t confirm if any Aussie customers impacted Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway Op-Ed: Australia inspired the EU’s online age restrictions, now it’s time for us to learn from them National Defence Strategy 2026: Spending on military cyber capability to reach at least $15bn Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware Anthropic co-founder confirms Trump admin was informed about Mythos AI model European Commission’s new age verification app removes privacy risk of third-party data collection Op-Ed: ASIO has broken its silence on cyber crime, and you should listen Too-hard basket: NIST to scale back CVE updates as vulnerabilities soar OpenAI launches GPT 5.4-Cyber in response to Anthropic Glasswing CHROs must lead the AI transformation, AI CEO says Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities Latitude Financial faces $3.96m fine over spam law breaches Kid stuff: Roblox to introduce safety improvements following Aus government warnings ADF joins international military exercise focused on cyber resilience and multi-domain operations WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands ‘pay or leak’ Exclusive: Gunra ransomware lists Eric Davis Dental as breach victim Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom US Treasury launches intelligence-sharing initiative with crypto companies Citigroup says AI speeds up new account openings
Op-Ed: Criminal AI doesn’t need super hackers
hackers By Douglas McKee, Director of Vulnerability Intelligence · 2026-06-12 · via Cyber Daily News

The cyber industry has a bad habit of arguing with the movie trailer instead of watching the whole movie.

We keep talking about criminal AI like the big moment will be a fully autonomous, hoodie-wearing supermodel that wakes up, finds a zero-day, writes the exploit, pivots through your environment, steals your data, negotiates with legal, and then celebrates with a nice cup of coffee.

Could that kind of autonomy matter someday? Sure. I’m not planting a flag on “never”. That’s how you end up very wrong on the internet.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

But that’s not what defenders should be losing sleep over right now.

The real issue is much simpler, as AI is making ordinary criminals more productive. Sound familiar? It is the same thing that AI is doing for ordinary people.

Criminals don’t need a magical AI super hacker if they can get a tool that writes better phishing emails, translates scams into 20 languages, summarises stolen documents, generates fake invoices, builds believable business email compromise pretexts, or coaches them through a fraud workflow. That’s not science fiction. That’s productivity software with terrible ethics.

That distinction matters.

But don’t take my word for it. If you want to stop shadowboxing with hypotheticals and see how threat actors are actually packaging, pricing, and weaponising criminal AI-as-a-service today, read the full analysis written by Rapid7’s senior security researcher, Jeremy Makowski.

The threat is friction disappearing

A lot of security conversations still focus on whether AI can write malware or find vulnerabilities at a high level. That’s useful research, and obviously, I care about vulnerability discovery. I spend a good chunk of my life staring at weird bugs and asking, “What’s that all about?”

But for criminal operations, the first-order impact is not always the most technically impressive thing. It’s the thing that removes friction. Most criminal operations are workflows. Annoying, repetitive, very human workflows. Again, sound familiar?

Find a target. Write the lure. Make the message sound local. Build the pretext. Reply convincingly. Sort through stolen data. Figure out who approves payments. Figure out which internal project sounds urgent enough to abuse. Keep the victim engaged long enough to get the outcome. None of which requires an advanced threat actor. It requires time, language skills, patience, and enough discipline not to trip over yourself. Turns out LLMs are really good at all of that.

People often say AI “lowers the skill floor”. That’s true, but it undersells the problem. AI does not just let the worst criminals participate. It lets mediocre criminals produce better work on a larger scale. That’s a nasty combination. It’s like giving every threat actor in the fraud ecosystem a junior analyst, a copy editor, a translator, and a pretext coach. Is it elegant? No. But if it works, who cares? Criminals certainly don’t.

We saw exactly how devastating this friction-free execution can be in the 2024 Hong Kong deepfake heist. An ordinary finance worker was tricked into siphoning US$25 million after joining a video conference call where every single colleague on the screen, including the CFO, was an AI-generated clone. It wasn’t a rogue super-intelligence hacking into a mainframe; it was a highly polished, AI-driven social engineering workflow that effortlessly bypassed human intuition.

Criminal AI-as-a-service is mostly packaging

The underground economy does not need every tool to be brilliant. It needs tools that are easy to access, easy to pay for, and easy to plug into existing criminal workflows.

That’s why “criminal AI-as-a-service” is less about some new superpower and more about packaging. Telegram bots. Prompt packs. Wrappers around mainstream models. Stolen accounts. Jailbroken interfaces. Subscriptions that promise better phishing, better impersonation, better summaries, or better fraud scripts.

Not glamorous yet very useful. This is the part defenders sometimes miss. Mature criminal markets love boring efficiency. A polished lure generated in thirty seconds may be worth more than an exotic exploit chain that only works ten per cent of the time.

I know we all like the sexy technical stuff. I’m guilty of that, too. Give me a weird, embedded device and debug symbols someone accidentally left in firmware, thank you very much, and I’ll happily disappear into the lab. But most criminals are not trying to win a Pwn2Own trophy.

They’re trying to make money.

AI helps them make money by making existing attacks cheaper and easier to repeat.

The stolen AI account problem

Stolen AI accounts and hijacked API keys are not just another SaaS credential problem. Yes, there is absolutely nothing new about stolen credentials. We have been dealing with that mess forever. But AI account credentials can also become a knowledge compromise problem.

Enterprise AI systems often contain uploaded files, prompts, source code, planning documents, customer data (yes, even though everyone’s policy forbids it), internal analysis, and all kinds of “I probably should not have pasted that there” material. When an attacker compromises an AI account, they may not just get access to a model. They may get access to the context, automation, and trust your organisation has been feeding into it.

That is a very different kind of risk.

If I compromise a normal business app, I get the data in that app. If I compromise an AI workspace, I may get the questions your employees were asking, the documents they were analysing, the code they were debugging, and the assumptions they were trying to test.

Now take that one step further. If that AI account is wired into automated workflows, ticketing systems, code review, customer support, security triage, data enrichment, or internal knowledge bases, I may also inherit the permissions and trust relationships wrapped around those workflows. The model may not be “privileged” in the traditional sense, but the workflow around it might be. And attackers love that kind of gap.

That should make security teams uncomfortable.

What to actually defend

So, what do we do with all of this?

First, stop treating criminal AI like it only matters when it becomes autonomous. That framing misses the point. The practical risk is not a model replacing the attacker. It is a model helping the attacker move faster through workflows that already work.

That means the defensive work is not magical either.

Secure AI accounts and API keys. Treat AI workspaces like sensitive systems, because they are. Review what data users can upload, what prompts are retained, what workflows AI tools can touch, and what trust those workflows inherit.

Harden the places where your business already relies on human trust, such as payment changes, vendor onboarding, password resets, helpdesk approvals, executive requests, customer support, and security triage. If “this sounds right” is part of the control, that control is getting weaker.

Update incident response playbooks to include AI account compromise, prompt injection, data extraction, synthetic media, and abuse of automated workflows. Monitor GenAI applications like they are part of the attack surface, because at this point, they are.

The future threat may be autonomous.

The current threat is efficient.

And efficient criminals are bad enough.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.