惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Archives - TechRepublic
Security Archives - TechRepublic
C
CERT Recently Published Vulnerability Notes
Cisco Talos Blog
Cisco Talos Blog
Security Latest
Security Latest
S
Securelist
C
CXSECURITY Database RSS Feed - CXSecurity.com
MongoDB | Blog
MongoDB | Blog
罗磊的独立博客
有赞技术团队
有赞技术团队
Last Week in AI
Last Week in AI
L
LINUX DO - 最新话题
美团技术团队
Hacker News - Newest:
Hacker News - Newest: "LLM"
博客园 - 司徒正美
云风的 BLOG
云风的 BLOG
PCI Perspectives
PCI Perspectives
C
Cisco Blogs
G
Google Developers Blog
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
Jina AI
Jina AI
www.infosecurity-magazine.com
www.infosecurity-magazine.com
O
OpenAI News
Attack and Defense Labs
Attack and Defense Labs
The GitHub Blog
The GitHub Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
The Cloudflare Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
S
Schneier on Security
Y
Y Combinator Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Secure Thoughts
博客园 - Franky
雷峰网
雷峰网
N
News and Events Feed by Topic
B
Blog
J
Java Code Geeks
Project Zero
Project Zero
人人都是产品经理
人人都是产品经理
W
WeLiveSecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Webroot Blog
Webroot Blog
S
Security Affairs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
宝玉的分享
宝玉的分享
P
Privacy International News Feed
Forbes - Security
Forbes - Security
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Hacker News: Ask HN
Hacker News: Ask HN

Cyber Daily News

Real estate giant Cushman & Wakefield confirms cyber incident, Qilin and ShinyHunters claim attack CrowdStrike expands Project QuiltWorks as more partners join AI security coalition Attackers increasingly turning to trusted security tools to compromise Aussie victims Exclusive: Champion Homes confirms customer data compromised in “cyber event” Australia, Japan commit to partnership to meet cyber security challenges & strengthen cyber defences NSW Treasury cyber incident contained, impact no longer ‘significant’ Report: AI-based data incidents on the rise in Australia WA rental scam surge: Tenants targeted with fake $500 discount trap Aussie Information Commissioner launches Privacy Awareness Week 2026 Unregistered branded text messages to be labelled ‘Unverified’ from 1 July US Federal Reserve outlines AI's influence on the finance sector Exclusive: Major Australian jewellery brand confirms cyber incident Australian government establishes new Cyber Incident Review Board Watch this! Komari server monitor tool abused by hackers Act Now! ACSC warns of active exploitation of cPanel & WHM critical vulnerability Exclusive: Kiwi electrical contractor confirms cyber attack Over 1 in 2 firms have AI privacy concerns: Intuit Exclusive: Prime Properties listed as breach victim by M3rx ransomware Anthropic launches dedicated Claude Security platform to public beta DigiCert launches AI Trust architecture to secure agents, models, and content ‘Rebuilding the enterprise’: How CEOs are preparing for automation Op-Ed: Redefining performance in the AI-powered SOC Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment NZ council cyber attack leads to ID and financial data being exposed ‘Building confidence’: The key to effective AI implementation Vect unveiled: Inside an emerging ransomware group’s affiliate network Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims US Department of War launches cyber-focused apprenticeship program CrowdStrike launches Project QuiltWorks to tackle skyrocketing AI-discovered vulnerabilities Australian government stands up new ‘tripartite forum’ to tackle AI challenges in the workforce Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce Report: Aussie small businesses doing it tough as job scams double, losses rise Cyber attacks on medical devices pose ‘significant’ impact on real-life patient care Twisted Firestarter! Aussie, US, and UK cyber agencies warn of Cisco malware campaign Generation Life informs customers of “cyber incident” as owner shares incident with ASX CBA launches new scam-finding AI agent Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations ANZ appoints its first chief AI officer Westpac appoints Chief AI Innovation Officer as part of technology push ADF strengthens skills as Cyber Command marks 2 years of operation Sri Lankan government hack sees $3.7m destined for Australia stolen Outsiders are already accessing Anthropic’s new AI model, but is Claude Mythos really that powerful? CrowdStrike extends cloud threat detection to Google Cloud Hey big spender! Microsoft to invest $25bn in Australian AI infrastructure AI adoption highest for finance and property SMEs, says NAB Genetec marks Sydney milestone with visit by high commissioner of Canada to Australia Rental platform under fire for collecting excessive personal data Exclusive: SA genealogical research firm confirms cyber incident following SafePay ransom claims Q&A: Quantum cryptography will be a “Y2k times 10 problem,” says DigiCert CEO PentenAmio announces acquisition of Armour Communications Exclusive: Aussie passports compromised in alleged Favelle Favco data breach Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says Treasury staffer charged for NSW government data breach Op-Ed: AI won’t patch the holes in your SOC AI is helping young investors get into the property market Australia’s financial regulators are keeping a close eye on Mythos Game on! More than a third of FIFA World Cup 2026 partners expose Aussies to email fraud risk Dark web markets: A complete Aussie identity costs as little as $200 Your next car may be designed by AI Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group Braclays warns that Mythos could prove a problem for larger banks with legacy systems Report: Data collection by school-backed apps in Australia is out of control and a risk to kids Kinetic IT appoints Kishore Jayaram in new chief transformation officer role Anthropic launches Claude Opus 4.7 as researchers reveal fake Claude installer spreading malware Australian Federal Court embraces AI in new practice note FOI docs reveal information commissioner’s concerns over Age Assurance Technology Trial Mortgage fraud now harder to detect thanks to AI McGraw Hill confirms ShinyHunters breach, won’t confirm if any Aussie customers impacted Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway Op-Ed: Australia inspired the EU’s online age restrictions, now it’s time for us to learn from them National Defence Strategy 2026: Spending on military cyber capability to reach at least $15bn Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware Anthropic co-founder confirms Trump admin was informed about Mythos AI model European Commission’s new age verification app removes privacy risk of third-party data collection Op-Ed: ASIO has broken its silence on cyber crime, and you should listen Too-hard basket: NIST to scale back CVE updates as vulnerabilities soar OpenAI launches GPT 5.4-Cyber in response to Anthropic Glasswing CHROs must lead the AI transformation, AI CEO says Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities Kid stuff: Roblox to introduce safety improvements following Aus government warnings ADF joins international military exercise focused on cyber resilience and multi-domain operations The workforces impacted by the ‘AI axe’ OpenAI CEO’s home targeted in attempted drive-by just days after Molotov attack Report: Aussie youth increasingly turning to AI for mental health advice Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims Booking.com confirms cyber incident, customer reservation data potentially compromised Report: Majority of CISOs not ready for the next big cyber attack Exclusive: Aboriginal community organisation confirms cyber incident following INC Ransom claims AMP to ‘embrace’ AI as tech reshapes banking WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands ‘pay or leak’ Exclusive: Gunra ransomware lists Eric Davis Dental as breach victim Op-Ed: Why zero trust for OT should start at the boundary, not the boiler room Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom US Treasury launches intelligence-sharing initiative with crypto companies Citigroup says AI speeds up new account openings Cyber war: Pro-Iranian hackers vow to fight on despite a fragile ceasefire with the US Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware Game on! Nationwide student competition aims to tackle Australia’s cyber skills gap Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation Atlassian’s Confluence gets a dose of AI as standard SaaS loses steam
Op-Ed: Criminal AI doesn’t need super hackers
hackers By Douglas McKee, Director of Vulnerability Intelligence · 2026-06-12 · via Cyber Daily News

The cyber industry has a bad habit of arguing with the movie trailer instead of watching the whole movie.

We keep talking about criminal AI like the big moment will be a fully autonomous, hoodie-wearing supermodel that wakes up, finds a zero-day, writes the exploit, pivots through your environment, steals your data, negotiates with legal, and then celebrates with a nice cup of coffee.

Could that kind of autonomy matter someday? Sure. I’m not planting a flag on “never”. That’s how you end up very wrong on the internet.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

But that’s not what defenders should be losing sleep over right now.

The real issue is much simpler, as AI is making ordinary criminals more productive. Sound familiar? It is the same thing that AI is doing for ordinary people.

Criminals don’t need a magical AI super hacker if they can get a tool that writes better phishing emails, translates scams into 20 languages, summarises stolen documents, generates fake invoices, builds believable business email compromise pretexts, or coaches them through a fraud workflow. That’s not science fiction. That’s productivity software with terrible ethics.

That distinction matters.

But don’t take my word for it. If you want to stop shadowboxing with hypotheticals and see how threat actors are actually packaging, pricing, and weaponising criminal AI-as-a-service today, read the full analysis written by Rapid7’s senior security researcher, Jeremy Makowski.

The threat is friction disappearing

A lot of security conversations still focus on whether AI can write malware or find vulnerabilities at a high level. That’s useful research, and obviously, I care about vulnerability discovery. I spend a good chunk of my life staring at weird bugs and asking, “What’s that all about?”

But for criminal operations, the first-order impact is not always the most technically impressive thing. It’s the thing that removes friction. Most criminal operations are workflows. Annoying, repetitive, very human workflows. Again, sound familiar?

Find a target. Write the lure. Make the message sound local. Build the pretext. Reply convincingly. Sort through stolen data. Figure out who approves payments. Figure out which internal project sounds urgent enough to abuse. Keep the victim engaged long enough to get the outcome. None of which requires an advanced threat actor. It requires time, language skills, patience, and enough discipline not to trip over yourself. Turns out LLMs are really good at all of that.

People often say AI “lowers the skill floor”. That’s true, but it undersells the problem. AI does not just let the worst criminals participate. It lets mediocre criminals produce better work on a larger scale. That’s a nasty combination. It’s like giving every threat actor in the fraud ecosystem a junior analyst, a copy editor, a translator, and a pretext coach. Is it elegant? No. But if it works, who cares? Criminals certainly don’t.

We saw exactly how devastating this friction-free execution can be in the 2024 Hong Kong deepfake heist. An ordinary finance worker was tricked into siphoning US$25 million after joining a video conference call where every single colleague on the screen, including the CFO, was an AI-generated clone. It wasn’t a rogue super-intelligence hacking into a mainframe; it was a highly polished, AI-driven social engineering workflow that effortlessly bypassed human intuition.

Criminal AI-as-a-service is mostly packaging

The underground economy does not need every tool to be brilliant. It needs tools that are easy to access, easy to pay for, and easy to plug into existing criminal workflows.

That’s why “criminal AI-as-a-service” is less about some new superpower and more about packaging. Telegram bots. Prompt packs. Wrappers around mainstream models. Stolen accounts. Jailbroken interfaces. Subscriptions that promise better phishing, better impersonation, better summaries, or better fraud scripts.

Not glamorous yet very useful. This is the part defenders sometimes miss. Mature criminal markets love boring efficiency. A polished lure generated in thirty seconds may be worth more than an exotic exploit chain that only works ten per cent of the time.

I know we all like the sexy technical stuff. I’m guilty of that, too. Give me a weird, embedded device and debug symbols someone accidentally left in firmware, thank you very much, and I’ll happily disappear into the lab. But most criminals are not trying to win a Pwn2Own trophy.

They’re trying to make money.

AI helps them make money by making existing attacks cheaper and easier to repeat.

The stolen AI account problem

Stolen AI accounts and hijacked API keys are not just another SaaS credential problem. Yes, there is absolutely nothing new about stolen credentials. We have been dealing with that mess forever. But AI account credentials can also become a knowledge compromise problem.

Enterprise AI systems often contain uploaded files, prompts, source code, planning documents, customer data (yes, even though everyone’s policy forbids it), internal analysis, and all kinds of “I probably should not have pasted that there” material. When an attacker compromises an AI account, they may not just get access to a model. They may get access to the context, automation, and trust your organisation has been feeding into it.

That is a very different kind of risk.

If I compromise a normal business app, I get the data in that app. If I compromise an AI workspace, I may get the questions your employees were asking, the documents they were analysing, the code they were debugging, and the assumptions they were trying to test.

Now take that one step further. If that AI account is wired into automated workflows, ticketing systems, code review, customer support, security triage, data enrichment, or internal knowledge bases, I may also inherit the permissions and trust relationships wrapped around those workflows. The model may not be “privileged” in the traditional sense, but the workflow around it might be. And attackers love that kind of gap.

That should make security teams uncomfortable.

What to actually defend

So, what do we do with all of this?

First, stop treating criminal AI like it only matters when it becomes autonomous. That framing misses the point. The practical risk is not a model replacing the attacker. It is a model helping the attacker move faster through workflows that already work.

That means the defensive work is not magical either.

Secure AI accounts and API keys. Treat AI workspaces like sensitive systems, because they are. Review what data users can upload, what prompts are retained, what workflows AI tools can touch, and what trust those workflows inherit.

Harden the places where your business already relies on human trust, such as payment changes, vendor onboarding, password resets, helpdesk approvals, executive requests, customer support, and security triage. If “this sounds right” is part of the control, that control is getting weaker.

Update incident response playbooks to include AI account compromise, prompt injection, data extraction, synthetic media, and abuse of automated workflows. Monitor GenAI applications like they are part of the attack surface, because at this point, they are.

The future threat may be autonomous.

The current threat is efficient.

And efficient criminals are bad enough.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.