Assume You Will Be Hacked: AI is enabling a deluge of cyberattacks the likes of which we’ve never seen before.

Submitted ⁨⁨3⁩ ⁨hours⁩ ago⁩ by ⁨alyaza@beehaw.org⁩ to ⁨technology@beehaw.org⁩

https://www.theatlantic.com/technology/2026/06/ai-hacking-cybersecurity-banks/687562?gift=j9r7avb6p-KY8zdjhsiSZxa34-eFHYDKh9SueJuxXfI

Late last month, I began to consider withdrawing some money from my savings account to buy gold. It’s the first time I’ve ever thought about panic-buying. For all of the firewalls and two-factor-authentication codes, the safety of the internet is starting to falter. Hackers are gaining the upper hand over organizations around the world—hospitals, energy grids, government agencies, and, yes, banks.

As AI tools have become extremely good at writing code, they’ve also become extremely good at pulling off cyberattacks. (Malware, after all, is still software.) The result has been a change in the scale, speed, and sophistication of hacks that is difficult to overstate: Among its tens of thousands of clients, the cybersecurity firm Palo Alto Networks identified a fourfold increase in daily attacks from 2024 to 2025. Hackers are developing AI-enhanced computer viruses that adapt on the fly to avoid detection. They are automating cyber-espionage campaigns on foreign governments. They are stealing data in minutes instead of hours. “There’s a crazy amount of offensive activity happening right now,” Alex Stamos, a former chief security officer of Yahoo and Facebook, told me. “Companies are getting hacked every single day.”

source

Comments

Sort:hotnew top

eleijeep@piefed.social ⁨17⁩ ⁨minutes⁩ ago
This is just hype. The marketing hype of these models has focused a huge amount of human effort on looking for vulnerabilities that we could have found before if CTOs could have been convinced that it was worth the time and resource investment to go looking for them.

We now have an industry full of executives who believe they will be the ones held responsible if they don’t quickly respond to this “new threat” and so now the engineers who should have been given the time to address technical debt and look for security issues in their products years ago, actually have the remit from the suits to do so.

Any time one of these snake-oil companies tells you that their model found hundreds of security issues in a project, just realise that what it actually did is spit out thousands of useless pages of nonsense that a team of real engineers had to check, and in checking all of the nonsense they realised that hold on a minute, yes this particular function does have a vulnerability. The AI is just giving us permission to look, by pointing its sixth finger at every other line of code.

source
morto@piefed.social ⁨1⁩ ⁨hour⁩ ago
I wonder if ai is enabling new attacks primarily because they allow to find vulnerabilities and coding the exploits, or because companies are using ai at their systems and putting generated insecure code into production

source
- Gumus@lemmy.dbzer0.com ⁨16⁩ ⁨minutes⁩ ago
  Vibecoding in production is definitely introducing vulnerabilities, but this is more about etablished systems. Current AI allows for cheap, fast and relatively easy exploration of vulnerabilities which in turn allows attackers to target systems that were previously not worth the effort.
  
  There are a lot of bespoke systems, usually legacy code running on outdated OSes on obsolete hardware. This includes hospitals, banks, infrastructure, and many businesses. All viable targets now.
  
  “Security by obscurity” doesn’t work anymore (if it ever did).
  
  source
ParlimentOfDoom@piefed.zip ⁨1⁩ ⁨hour⁩ ago
Why does this person have enough money in a saving account that buying gold with it instead would make much of a difference in their personal wealth?

They’re losing far more to inflation than they are risking being stolen by some ai chatbot.

source
etherphon@piefed.social ⁨1⁩ ⁨hour⁩ ago
I wish these places made it easier for us to fully delete all our accounts and data on their sites instead of having things like 30 day wait periods for account deletion which is buried under 9 layers of menu on the security dashboard or whatever, let me get my data off your service before it gets hacked. The problem is that when these tools become as easy as writing a prompt it’s no longer just “hackers” it’s just ordinary everyday criminals who can pull this stuff off now, all of the skill required has been removed once again with no guard rails, let’s see what happens this time.

source
definitemaybe@lemmy.ca ⁨52⁩ ⁨minutes⁩ ago

Many independent cybersecurity experts have told me that these models are as or nearly as skilled as elite human hackers, which is why Anthropic and OpenAI didn’t release them publicly.

Citation needed.

Here’s mine:

The bugs Anthropic used to justify a $100 million consortium, eleven Fortune-100 partners, a “too dangerous to release” decision, and global headlines that “frightened the British” — an open-weights 3.6B active-parameter model finds them too, for eleven cents per million tokens.

source
Kn1ghtDigital@lemmy.zip ⁨2⁩ ⁨hours⁩ ago
Viruses that adapt on the fly is a nightmare scenario.

“It’s too late, I’m in your RAM, now, Dave.”

source
kibblebits@quokk.au ⁨3⁩ ⁨hours⁩ ago
Yeah but now you need to protect your gold. Which is not the best feeling.

source
- reluctant_squidd@lemmy.ca ⁨2⁩ ⁨hours⁩ ago
  You should start a service to house peoples gold and keep it secure for a small recurring fee.
  
  source
  - kibblebits@quokk.au ⁨2⁩ ⁨hours⁩ ago
    Now that’s a good idea… ;)
    
    source