CrowdStrike warns government hackers are ramping up their AI game to speed up and sharpen attacks, according to its 2025 Threat Hunting Report dropped Monday.
AI is fueling cyber threats at multiple stages. Hackers use it to scope out targets, assess vulnerabilities, and crank out phishing lures. They’re also automating tasks and upgrading their hacking tools with AI’s help.
Iran-backed hacking group Charming Kitten likely leaned on AI to craft messages in a 2024 phishing spree hitting U.S. and European targets. Another gang dubbed Reconnaissance Spider suspiciously left an AI prompt in a phishing message translated into Ukrainian, revealing use of AI in recycling old lures. 
North Korea’s Famous Chollima crew (UNC5267) is pulling off more than 320 intrusions a year, sticking to an aggressive pace by using GenAI-powered tools throughout their scam hiring and employment operations.
AI helps them write résumés, handle job applications, and keep their identities hidden during video interviews.
Hackers are zeroing in on AI tools themselves. CrowdStrike points to an April exploit of a flaw in Langflow’s AI workflow tool that let attackers sneak into networks, hijack accounts, and drop malware.
“As organizations continue adopting AI tools,” CrowdStrike said,
“the attack surface will continue expanding, and trusted AI tools will emerge as the next insider threat.”
Securing AI is clearly the next big challenge as attackers keep finding new ways to weaponize it.
