Guardrails Breached: The New Reality of GenAI-Driven Attacks



From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks.

Image: A robotic hand manipulating binary code on a screen. (Adobe Stock)

Just a few years ago, several cybersecurity reports proclaimed that there was minimal evidence that bad actors were using generative AI tools to launch new or more sophisticated cyber attacks. Indeed, statements were commonly made that highlighted the safeguards and guardrails that were being put in place to stop Internet-facing GenAI tools from inappropriate use or nefarious purposes.

But sadly, the situation has dramatically changed in the past year.

Now, in June 2025, media reports are being released almost daily that proclaim some new way that cyber attacks are being launched using sophisticated GenAI tools.


Indeed, some experts are beginning to fear that the bad actors are changing cyber attack tactics and using GenAI tools faster and more effectively than enterprises and individuals can adopt them.

VIBE HACKING

Let’s start with this recent Wired article: “The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare.” Vibe hacking is a kind of social engineering, the use of AI to manipulate human emotion or perception. Here’s an excerpt from the story:

“In the near future one hacker may be able to unleash 20 zero-day attacks on different systems across the world all at once. Polymorphic malware could rampage across a codebase, using a bespoke generative AI system to rewrite itself as it learns and adapts. Armies of script kiddies could use purpose-built LLMs to unleash a torrent of malicious code at the push of a button. …

“‘We’re going to see vibe hacking. And people without previous knowledge or deep knowledge will be able to tell AI what it wants to create and be able to go ahead and get that problem solved,’ Katie Moussouris, the founder and CEO of Luta Security, tells WIRED.

“Better then, if you’re a bad actor, to just go to the source. ChatGPT, Gemini, and Claude are easily jailbroken. Most LLMs have guardrails that prevent them from generating malicious code, but there are whole communities online dedicated to bypassing those guardrails. Anthropic even offers a bug bounty to people who discover new ones in Claude.”

But while vibe hacking is not widespread yet, there are plenty of other examples to share:

Cybersecurity Dive: “From malware to deepfakes, generative AI is transforming attacks”

“HP researchers in September reported that hackers had used AI to create a remote access Trojan. Referencing that report, [Gartner Distinguished VP Analyst Peter] Firstbrook said, ‘It would be difficult to believe that the attackers are not going to take advantage of using Gen AI to create new malware. We are starting to see that.’

“Attackers are also using AI in an even more insidious way: Creating fake open-source utilities and tricking developers into unknowingly incorporating the malicious code into their legitimate applications.”

The Hacker News: “Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction”

“A novel attack technique named EchoLeak has been characterized as a ‘zero-click’ artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 (M365) Copilot’s context sans any user interaction.

“The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already addressed by Microsoft. There is no evidence that the shortcoming was exploited maliciously in the wild.”

Figure: EchoLeak attack flow.

The Record: “Google warns of Vietnam-based hackers using bogus AI video generators to spread malware”

“Fake AI-powered video generators are being used to spread infostealers and other types of malware, Google researchers have found.

“A group of cybercriminals created a network of fraudulent websites masquerading as cutting-edge AI tools and then bought ads on social media platforms to promote the sites, the researchers said.

“Experts from the tech giant’s Mandiant unit published a report backing previous assessments by Facebook and security firm Morphisec that identified a campaign designed to weaponize interest in AI tools that can generate videos based on user prompts.”

SOLUTIONS — AND MORE PROBLEMS

Back at the end of last year, Forbes wrote this article stating that, “Hackers Are Using AI Against You: Here Is How To Protect Yourself.” Here’s an excerpt:

“AI-based social engineering attacks pose a growing risk as cybercriminals leverage advanced tools to enhance scams. Hacker groups use AI for live deepfake video calls, voice cloning, and AI-generated images to make scams more convincing. These technologies allow for large-scale automation of personalized attacks, increasing their reach and effectiveness.

“Social media platforms inadvertently serve as hubs for these criminals, who share scamming scripts and techniques in plain sight.”

Forbes: “Hackers Hijack AI: Google Warns Of Gemini Misuse By Cybercriminals”

“Google’s latest report reveals that advanced persistent threat (APT) groups from multiple nations, including Iran, China, North Korea, and Russia, have been experimenting with Gemini to streamline their cyber operations. From reconnaissance on potential targets to researching vulnerabilities and crafting malicious scripts, these AI-driven attacks are becoming more sophisticated. …

“Compounding the issue, alternative AI models lacking robust security controls are emerging, providing cybercriminals with powerful, unrestricted tools to facilitate hacking, phishing, and malware development.”

FINAL THOUGHTS

There are no easy buttons to push to fix these problems. I will be discussing ways that bad actors misuse technology for the rest of my blogging days, as has happened with many technologies before, from Wi-Fi to cloud to the Internet of Things.

AI and GenAI tools are no different, and the best thing CISOs and other security and technology pros can do right now is get the awareness out regarding these vulnerabilities and cyber attack tactics. There is no doubt in my mind that we will be revisiting this topic in the months and years to come with more examples.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.