Cisco Talos Reveals Rise in Malicious Use of AI Tools
Cisco Talos, one of the world's most trusted threat intelligence teams, has revealed how cybercriminals are increasingly abusing artificial intelligence (AI) tools to enhance their operations.
According to a newly published report, large language models (LLMs) are being exploited to generate malicious content and bypass traditional security measures.
Cisco Talos reported that both custom-built and jailbroken (modified) versions of LLMs are now being used to scale cyberattacks. These versions are producing phishing emails, malware, viruses, and other harmful content.
The report noted that some LLMs are being connected to external tools, including email accounts and credit card checkers. This integration is helping cybercriminals automate and amplify their attacks.
Cisco Talos researchers also documented the presence of malicious LLMs on underground forums. These include names such as: FraudGPT
DarkGPT
WhiteRabbitNeo
These tools are advertised with features like ransomware creation, phishing kit generation, and card verification services.
Interestingly, the report also revealed that some fake AI tools are being used to scam fellow cybercriminals.
Cisco Talos highlighted how attackers are jailbreaking legitimate AI models. These jailbreaks aim to bypass safety guardrails and alignment training, allowing the generation of normally restricted content.
Additionally, the report warned that AI models themselves are becoming targets. Attackers are inserting backdoors into downloadable models, enabling them to function as programmed by the attacker when activated.
Models using external data sources are also at risk. If threat actors manipulate the source data, it could compromise the model's behavior.
Fady Younes, Managing Director for Cybersecurity at Cisco covering the Middle East, Africa, Türkiye, Romania, and CIS, commented on the findings. He stated that while large language models offer significant potential, they are now being weaponized to scale attacks.
He emphasized the need for strong AI governance, user awareness, and foundational cybersecurity measures.
'With recent innovations like Cisco AI Defense, we are committed to helping enterprises achieve end-to-end protection as they build, use, and innovate with AI,' Younes added.
Cisco Talos concluded that as AI becomes more integrated into enterprise and consumer systems, security strategies must evolve.
It stressed the importance of: Scanning for tampered AI models
Validating external data sources
Monitoring abnormal LLM behavior
Educating users on the risks of prompt manipulation
The report signals a new phase in the cyber threat landscape. Cisco Talos continues to monitor the situation as part of its mission to strengthen global cybersecurity.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Khaleej Times
an hour ago
- Khaleej Times
TASC slashes Tech Hiring Time in Saudi Arabia with launch of Tech Vertical AIQU
Saudi Arabia's Vision 2030 is driving a significant surge in demand for technology talent, especially in AI and machine learning. However, many companies face challenges such as lengthy hiring processes, high costs, and limited flexibility, which cause delays that put critical digital projects at risk. Overcoming these obstacles is essential to sustaining the Kingdom's fast-moving digital transformation. AIQU, powered by workforce solutions provider TASC, builds on its established presence in Saudi Arabia by introducing innovative solutions like Deploy-on-Demand, which is designed to cut tech hiring timelines by up to 50 per cent. With a proven track record in Tech Talent, Statement of Work, Digital, and Managed Services, AIQU continues to evolve to meet the Kingdom's growing demand for agile workforce solutions. They enable clients to rapidly fill specialised roles while handling iqama, payroll, compliance, and onboarding, providing pre-verified talent ready to deploy within 2 to 6 weeks, compared to the market average of 3 to 6 months. This innovative solution is already supporting public sector digital programmes, banking and fintech transformations, global consultancies, and rapidly scaling SAP and ERP projects across the country. Industries such as cloud computing, AI, and cybersecurity are expanding faster than available talent can keep pace, creating an urgent tech crunch in Saudi Arabia. Roles like cloud architects, SAP consultants, and data engineers are in high demand, but local expertise remains limited. For specialised skills such as OT/ICS security or data governance, the talent gap is even more pronounced. AP consulting roles, for example, have a local talent shortfall of up to 40 per cent. 'Many businesses simply cannot afford the three to six-month hiring cycles associated with conventional recruitment or global system integrators,' says Tim Harlow, head of AIQU. 'Critical transformation projects cannot wait, yet the complexity of the Saudi recruitment market makes speed challenging. Vision 2030's momentum has created an enormous opportunity for organisations able to close their talent gaps quickly.' System integrators add further cost and complexity with approval processes and onboarding delays, making these models less sustainable. 'Cost, speed, and flexibility are the three pillars every client struggles with. Existing models are too rigid for today's dynamic projects,' Taha Esmail, VP of AIQU added. AIQU's Deploy-on-Demand model is built to overcome these challenges by offering pre-verified, project-ready tech talent mobilised up to 70 per cent faster than traditional hiring models. Clients submit role requirements tied to project deliverables, and AIQU matches candidates from a continuously refreshed bench of regional and international professionals. The service also manages full onboarding, including iqama, payroll, compliance, and Saudization requirements, ensuring faster time-to-productivity and regulatory alignment. Beyond speed, AIQU's approach delivers significant cost savings, typically 30 to 50 per cent compared to traditional system integrators, by cutting multilayered consulting overheads and providing transparent pricing. 'Clients want agility. We enable them to scale teams up or down based on project phases without the cost and complexity of long-term headcount commitments,' said Pinky Mistry, VP of AIQU. AIQU is expanding its pipeline of Arabic-speaking professionals, partnering with local training academies, building offshore development centers and growing its presence across the country. 'Vision 2030's momentum has created a massive opportunity for those who can close talent gaps fast. Our focus is on giving clients the agility they need to keep pace with this transformation,' concludes Tim.
Zawya
2 hours ago
- Zawya
Dun & Bradstreet named 2025 databricks growth data partner of the year
Riyadh, Saudi Arabia – Dun & Bradstreet, a global leader in commercial data and analytics, has been awarded the title of 2025 Databricks Growth Data Partner of the Year at this year's Data + AI Summit, a recognition of the company's pivotal role in enabling organizations to operationalize trusted data and accelerate their AI transformation journeys. This award spotlights Dun & Bradstreet's strong alignment with Databricks' Data Intelligence Platform, where their integration of global B2B data has helped enterprises solve complex use cases, ranging from credit decisioning and compliance to supply chain modeling and ESG reporting. The recognition stems from the companies' shared commitment to unlocking powerful insights through AI-ready data at scale. By delivering near real-time commercial data through Delta Sharing, Databricks' open and secure data sharing protocol, Dun & Bradstreet empowers clients to break down silos, streamline operations, and make faster, data-driven decisions across regions and platforms. "This recognition as Databricks' Growth Data Partner of the Year truly underscores our unwavering commitment to spearheading data-driven transformation across the Middle East, Africa, and South Asia. At Dun & Bradstreet, we are immensely proud to empower organizations with trusted, AI-ready data that fuels smarter decision-making and sustainable growth. Our strengthened collaboration with Databricks is enabling businesses across diverse sectors to unlock powerful insights and drive scalable innovation for a data-first future." Nauman Lakhani, Group Director, Enterprise Solutions Dun & Bradstreet South Asia Middle East Africa With this milestone, Dun & Bradstreet reinforces its position as a trusted enabler of enterprise data transformation, offering clients the foundational data they need to confidently scale AI-powered solutions. About Dun & Bradstreet Dun & Bradstreet data and insights help improve business performance. Over 600 Million companies worldwide rely on Dun & Bradstreet to help grow and protect their businesses. The market-leading solutions for data and insights are a critical factor to drive revenue acceleration, manage risk, lower cost and business transformation. Global businesses of all sizes rely on D&B's data, insights & analytics. Dun & Bradstreet South Asia Middle East Ltd. is responsible for the Dun & Bradstreet business in countries across the Middle East, South Asia, and Africa. Dun & Bradstreet South Asia Middle East Ltd. offers a suite of information solutions across these regions. Our services are utilized extensively by banks, financial institutions, government departments, multinationals, corporate entities, small and medium sized enterprises for seamless operations. We have offices in UAE, Bahrain, Qatar, Saudi Arabia, Bangladesh, Nigeria, Ghana, Tanzania and Pakistan.
Tahawul Tech
2 hours ago
- Tahawul Tech
xAI apologies for recent horrific behaviour of Grok chatbot
xAI has apologised after its AI chatbot Grok reportedly made a series of extreme comments, issuing a statement within a day of Financial Times reporting it is in early talks with investors over a $200 billion valuation deal. The company issued a post on 12 July offering its deep apologies for Grok's behaviour, which it blamed on deprecated code. Countless reports last week highlighted a run of antisemitic and violent comments, along with praise for Adolf Hitler. The Guardian explained Grok also issued white supremacy-style statements, showing a similar race-related angle in posts about South Africa earlier in the year. xAI acknowledged some users experienced 'horrific behaviour' by Grok. It emphasised the company's purpose is to 'provide helpful and truthful responses to users' and conducted a 'careful investigation' which uncovered the coding issue. The company explained the problem was a result of an 'update to a code path upstream' of Grok, noting this is 'independent of the underlying language model'. xAI explained the update 'was active for 16 hours' and made the chatbot 'susceptible to existing X user posts' including those containing 'extremist views'. This all happened before the release of Grok 4 on 9 July, which xAI describes as the 'most intelligent model in the world', employing native tools and 'real-time search integration'. Grok 4 was released to SuperGrok and Premium+ subscribers on 9 July: USA Today noted xAI owner Elon Musk made no reference to the chatbot's woes as he unveiled the latest iteration. FT reported on 11 July xAI is mulling another funding round which could propel its valuation to ten-times the level it was in 2024. It mentioned Saudi Arabia's Public Investment Fund as a potential major player in any move, which would be the third share sale in recent months should it go ahead. Source: Mobile World Live Image Credit: xAI
