AI Adoption and Misuse Expands Enterprise and Cybercrime Risk
No single incident ties the reporting together; the dominant theme is AI’s expanding role in both enterprise operations and criminal tradecraft, alongside broader, non-AI security trend commentary. A Docker-sponsored survey reported by Help Net Security says 60% of organizations run AI agents in production, but security/compliance is the top scaling barrier (40%), with recurring concerns including prompt injection, tool poisoning, runtime isolation/sandboxing, auditability, and credential/access control in distributed agent systems. Separately, forum-traffic research summarized by Help Net Security found cybercriminals increasingly using mainstream and local AI models to support phishing, code generation, and social engineering, with frequent discussion of jailbreaking and the use of stolen/resold premium AI accounts.
Several other items are adjacent but not about the same specific story: an ESET article provides generic guidance on detecting AI voice deepfakes used for fraud; an Ars Technica piece covers copyright/data memorization risks in LLMs; and multiple outlets publish broader security trend or opinion content (quantum preparedness, ransomware targeting manufacturing, Romanian warnings about ransomware aligning with Russian hybrid aims, ATM jackpotting increases, and a Check Point retrospective). Some entries are primarily commentary, historical analogy, newsletters, or how-to recon guidance rather than new threat reporting, and should be treated as lower-signal for executive situational awareness unless your organization is actively deploying agentic AI or tracking AI-enabled fraud/social engineering.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Study concludes AI is becoming part of everyday cybercrime workflows
Researchers reported that cybercriminal use of AI appeared to be in an early integration phase marked by experimentation, commercialization attempts, and skepticism about reliability and OPSEC risks. The study concluded that AI's near-term impact is more likely to accelerate scams and social engineering than malware development, and recommended monitoring underground marketing claims and fraud signals for industrialized automation.
Docker report identifies security and complexity as key scaling barriers
The same report said security and compliance were the leading barrier to scaling AI agents for 40% of respondents, while 48% cited operational complexity from orchestrating models, APIs, connectors, and runtime environments. It also highlighted concerns around prompt injection, tool poisoning, MCP authentication and access control, vendor lock-in, and the need for signed packages, centralized registries, and policy enforcement.
Docker report finds AI agents widely deployed in enterprises
Docker's State of Agentic AI Report found that 60% of surveyed organizations were already running AI agents in production and that most treated agent development as a strategic priority. Early deployments were concentrated in internal, structured workflows such as DevOps/CI/CD optimization, security automation, process automation, and code generation or review.
Underground forums show early criminal adoption of AI workflows
During the January-July 2025 observation period, forum users discussed using mainstream chatbots such as ChatGPT, DeepSeek, Claude, and Grok for phishing text, scripting, and social-engineering rehearsal. The same discussions also promoted products like WormGPT and FraudGPT, often described as wrappers around mainstream models with jailbreak prompts, alongside services for hosting models and automating fraud calls.
Researchers collect cybercrime forum discussions on AI use
A study gathered and analyzed discussions about AI tools from 21 underground forums, covering 163 threads and 2,264 messages by 1,661 contributors. The collection period ran from 2025-01-01 through 2025-07-31 and captured activity on communities including XSS, BreachForums, Dread, and Exploit.in.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Enterprise AI Security Risks Driven by Shadow AI Adoption and Rapid Exploitability
Multiple reports highlighted escalating **enterprise AI security risk** driven by rapid adoption, weak governance, and widespread *shadow AI* use. Zscaler research reported that **90% of tested enterprise AI systems** had critical vulnerabilities discoverable in under 90 minutes, with a **median 16 minutes** to first critical failure, enabling fast data loss and defense bypass; the same reporting noted sharp growth in AI/ML activity across thousands of apps and rising corporate data transfers into AI tools such as *ChatGPT* and *Grammarly*. Separately, CSO Online reported that **roughly half of employees** use unsanctioned AI tools and that enterprise leaders are significant contributors, reinforcing the risk that sensitive data and workflows are being exposed outside approved controls. Governance and control gaps were further underscored by coverage of **NIST AI guidance** pushing organizations to expand cybersecurity risk management to AI systems, and by reporting on **AI infrastructure abuse** (criminals hijacking/reselling AI infrastructure) and **Hugging Face infrastructure** being abused to distribute an **Android RAT** at scale. Several other items in the set were not about enterprise AI risk specifically, including a **ShinyHunters vishing campaign**, **critical RCE flaws in the n8n automation platform**, an article on the **EU’s alternative to CVE** and potential fragmentation, a piece on a startup’s Linux security overhaul, and an opinion column on human risk management; these are separate topics and should not be treated as part of the same AI-risk story.
Mar 21, 2026
AI Adoption Outpacing Security Governance and Increasing Enterprise Risk Exposure
Enterprises’ rapid deployment of **AI and agentic AI** is increasingly creating measurable security and business risk, including direct exposure of sensitive personal data and downstream impacts on risk transfer. A widely cited example involved McDonald’s *McHire* applicant-screening platform (built by *Paradox.ai*), where researchers reported a trivial backend credential weakness (`123456` as both username and password) and no MFA, potentially exposing data tied to roughly **64 million** applicants; the incident is being used by insurers and risk teams as evidence that AI adoption is moving faster than security and governance, contributing to tighter cyber-insurance language, higher premiums, and **AI-related exclusions**. Separate reporting also highlighted that “plug-and-play” AI is unrealistic at enterprise scale, with organizations increasingly needing custom integration and operational ownership rather than relying on off-the-shelf tools. Threat reporting during the same period reinforced that AI is expanding both attacker capability and the attack surface: researchers described **Pakistan-linked APT36** using AI coding tools to generate high volumes of low-quality malware variants (including in less common languages) and to leverage legitimate cloud services for command-and-control, complicating detection. Additional research flagged **AI-themed browser extensions** (Chrome/Edge) that impersonate legitimate tools and can harvest LLM chat histories and browsing activity, underscoring the risk of “shadow AI” and unvetted add-ons. In parallel, routine threat-intelligence summaries continued to track major incidents (e.g., ransomware and data breaches) alongside AI-enabled tactics, indicating that AI risk is becoming intertwined with broader enterprise security exposure rather than remaining a standalone technology concern.
Mar 21, 2026
AI-driven security discourse highlights bug-finding gains, identity risks, and largely generic guidance
Coverage this week emphasized how **AI is accelerating both offense and defense**, but most guidance remained high-level rather than tied to a single incident. The FBI warned that criminals and nation-states are using AI to increase the *speed* of intrusions while still following familiar kill-chain steps, urging organizations to double down on fundamentals such as MFA, hardening internet-facing/edge assets, and credential abuse detection; CISA leadership echoed the focus on removing unsupported edge devices. Separate reporting and commentary highlighted AI’s growing impact on software assurance: Microsoft Azure CTO Mark Russinovich described using Anthropic’s *Claude Opus 4.6* to analyze decades-old assembly code and surface subtle logic flaws, while open-source maintainers reported being inundated with low-quality, AI-generated vulnerability reports even as AI-assisted analysis can also increase discovery of high-severity bugs (e.g., Mozilla’s red-teaming claims). Several items were **notable but not part of a unified event**: CSO Online reported the **CVE program’s funding was secured**, reducing near-term continuity risk for vulnerability enumeration, and separately covered **post-quantum cryptography (PQC)** planning uncertainty as vendors compete for early advantage. Other pieces were primarily opinion, best-practice, or event content—e.g., “shadow AI” governance steps, SOC preparation for agentic AI, OT/IoT security commentary, cloud-security leadership takes, and a conference session roundup—providing general risk framing rather than actionable incident-specific intelligence. One concrete threat report described a **software supply-chain lure** in which developers searching for *OpenClaw* were redirected to a **GhostClaw RAT**, reinforcing ongoing risk from trojanized tooling and search-driven malware delivery, but it was not connected to the broader AI/governance narratives in the rest of the set.
Mar 21, 2026