Report: AI is Supercharging Old-School Cybercriminal Tactics

  • Oct 13, 2025

AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic.

The 2025 Global Threat Report, based on more than 1 billion data points derived from real production environments, finds that generic threats — typically loaders built using AI — jumped 15.5% in the past year, while malicious code execution on Windows nearly doubled to 32.5%.

AI-created malware and easy access to stolen browser credentials are fueling a new class of bad actors who are less reliant on stealth attacks and are leaning into continuous, steady probes for entry into corporate networks.

“Attackers are shifting from stealth to speed, launching waves of opportunistic attacks with minimal effort,” said Devon Kerr, head of Elastic Security Labs and director of Threat Research. “This evolution shows how urgent it is for defenders to harden identity protections and to adapt their detection strategies for this new era of speed attacks.”

Key Findings

Browsers are the new front line

One in eight malware samples targeted browser data, making credential theft the most common sub-technique for access.

Infostealers increasingly exploit Chromium-based browsers to bypass built-in protections.

Execution has overtaken evasion

On Windows, execution tactics nearly doubled to 32%, surpassing defense evasion for the first time in three years.

GhostPulse accounted for 12% of signature events, often delivering infostealers like Lumma (6.67%) and Redline (6.67%).

AI lowers the barrier to entry

Generic threats rose 15.5%, fueled by adversaries using LLMs to churn out simple but effective malicious loaders and tools.

Off-the-shelf malware families remain widely used, with RemCos (9.33%) and CobaltStrike (~2%)

Cloud identity is under siege

Over 60% of cloud security events involved Initial Access, Persistence, or Credential Access.

Authentication gaps in Microsoft Entra ID stood out: 54% of anomalous Azure signals originated from audit logs, climbing to nearly 90% when all Entra telemetry was included.

Featured

  • UL Solutions Launches Artificial Intelligence Safety Certification Services

    UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now

  • ESA Announces Initiative to Introduce the SECURE Act in State Legislatures

    The Electronic Security Association (ESA), the national voice for the electronic security and life safety industry, has announced plans to introduce the SECURE Act in state legislatures across the country beginning in 2025. The proposal, known as Safeguarding Election Candidates Using Reasonable Expenditures, provides a clear framework that allows candidates and elected officials to use campaign funds for professional security services. Read Now

    • Guard Services

  • Ransomware Attacks Rise for the First Time in Six Months

    Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.