What Should We Learn From How Attackers Leveraged AI in 2025? - The Hacker News

What Should We Learn From How Attackers Leveraged AI in 2025? The Hacker NewsJan 13, 2026Threat Intelligence / Identity Security Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about "new" threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that worked - they're just doing it better. Supply Chain: Still Cascading Downstream As the Shai Hulud NPM campaign showed us, supply chain remains a major issue. A single compromised package can cascade through an entire dependency tree, affecting thousands of downstream projects. The attack vector hasn't changed. What's changed is how efficiently attackers can identify and exploit opportunities. AI has collapsed the barrier to entry. Just as AI has enabled one-person software projects to build sophisticated applications, the same is true in cybercrime. What used to require large, organized operations can now be executed by lean teams, even individuals. We suspect some of these NPM package attacks, including Shai-Hulud, might actually be one-person operations. As software projects become simpler to develop, and threat actors show an ability to play the long game (as with the XZ Utils attack) - we're likely to see more cases where attackers publish legitimate packages that build trust over time, then one day, with the click of a button, inject malicious capabilities to all downstream users. Phishing: Still Just One Click Away Phishing still works for the same reason it always has: humans remain the weakest link. But the stakes have changed dramatically. The recent npm supply chain attack demonstrates the ripple effect: one developer clicked a bad link, entered his credentials and his account was compromised. Packages with tens of millions of weekly downloads were poisoned. Despite the developer publicly reporting the incident to npm, mitigation took time - and during that window, the attack spread at scale. Official Stores: Still Not Safe Perhaps most frustrating: malware continues to bypass official gatekeepers. Our research on malicious Chrome extensions stealing ChatGPT and DeepSeek conversations revealed something we already know from mobile app stores—automated reviews and human moderators aren't keeping pace with attacker sophistication. The permissions problem should sound familiar because it's already been solved. Android and iOS give users granular control: you can allow location access but block the microphone, permit camera access only when an app is open, not in the background. Chrome could implement the same model for extensions - the technology exists. It's a matter of prioritization and implementation. Instead, users face a binary choice with extensions requesting permission to "read information from all websites." If an extension asks for that level of access, in most cases it will be used for malicious purposes, or it will later be updated to do so.  Attackers don't have the Shiny Tool Syndrome Attackers didn't throw out their playbook when AI arrived - they automated it. They're still exploiting supply chains, phishing developers, and sneaking malware past reviewers. They're just doing it with one-tenth the resources. We shouldn't be chasing shiny new defense strategies while the basics still don't work. Fix permissions models. Harden supply chain verification. Make phishing-resistant authentication the default. The fundamentals matter more now, not less. Attackers optimized the basics. What should defenders prioritize? Join OX for our upcoming webinar: Threat Intelligence Update: What's Been Working for Hackers and What Have the Good Guys Been Doing? We'll cover attack techniques gaining traction, what's actually stopping them, and what to prioritize when resources are limited. Register here. Register here. Note: This article was exclusively written and contributed by Moshe Siman Tov Bustan, Security Research Team Lead at OX. Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  Browser Extension, Cybercrime, cybersecurity, Identity Security, Malware, Open Source, Phishing, Supply Chain Security, Threat Intelligence ⚡ Top Stories This Week WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis Load More ▼ ⭐ Featured Resources Have You Outgrown Your MDR? 7 Warning Signs Every CISO Should Check Get the 2026 Guide to Govern and Secure Enterprise AI Agents at Scale AI Can’t Stop Every Attack. Learn How Zero Trust Can Block What’s Unknown [Watch Demo] See Which Security Gaps Attackers Could Exploit First