283/68 Wednesday, August 6, 2025

The latest 2025 Threat Hunting Report from CrowdStrike reveals that hacker groups around the world, both state-sponsored and cybercriminal (eCrime), are increasingly leveraging Generative AI (GenAI) to enhance the sophistication and effectiveness of their cyberattacks. These AI-driven threats are expanding across areas such as social engineering, malware development, identity spoofing, and even attacks on organizations’ own AI systems, such as the exploitation of Langflow AI (CVE-2025-3248), a vulnerability that allows remote code execution without authentication.
One notable example is the North Korean hacker group “Famous Chollima,” which reportedly used GenAI to impersonate IT professionals applying for jobs at international organizations to gain insider access. CrowdStrike uncovered over 320 such incidents in the past year, where AI was used to craft convincing résumés, generate deepfake video for interviews, communicate fluently in English, and automate work tasks using tools like Copilot – making the attackers appear as legitimate employees.
CrowdStrike emphasizes that the rise in AI-driven attacks doesn’t mean AI is replacing traditional hacking methods; rather, it is enhancing their effectiveness. AI has become core infrastructure for modern cyber threats, expanding the attack surface as organizations become more dependent on AI technologies. The report urges organizations to strengthen identity verification processes for job applicants, implement real-time deepfake detection, secure remote access, and train staff to recognize and respond to AI-powered cyber threats.
Source: https://www.darkreading.com/remote-workforce/threat-actors-leaning-genai-tools