VYPR
trendPublished May 4, 2026· Updated May 17, 2026· 1 source

2025: The Year AI-Assisted Attacks Went Mainstream

The rise of agentic AI coding platforms in 2025 has significantly lowered the barrier to entry for cyberattacks, enabling non-technical individuals to execute sophisticated breaches and drastically reducing the time between vulnerability disclosure and exploitation.

The landscape of cybercrime underwent a fundamental shift in 2025 as the barrier to entry for sophisticated attacks plummeted, driven by the emergence of advanced, agentic AI coding platforms. According to *The Hacker News*, this technological leap has empowered non-technical individuals to execute complex breaches that were previously the domain of organized cybercriminal groups The Hacker News.

The impact of this shift is evidenced by a series of high-profile incidents throughout 2025. In December, a 17-year-old with limited technical expertise utilized malicious code to exfiltrate personal data belonging to over 7 million users of the Japanese internet cafe chain Kaikatsu Club, reportedly to fund a collection of Pokémon cards. Earlier in the year, three teenagers aged 14 to 16 used ChatGPT to launch approximately 220,000 requests against Rakuten Mobile’s systems. By July, a single actor leveraged Claude Code to conduct an extortion campaign against 17 organizations, using the AI to develop malware, organize stolen data, and automate the drafting of extortion demands The Hacker News.

The technical capabilities of these AI tools have fundamentally altered the speed of exploitation. Data indicates that the "time to exploit"—the duration between a vulnerability's disclosure and its active exploitation in the wild—has collapsed from over 700 days in 2020 to just 44 days in 2025. Mandiant’s *M-Trends 2026* report suggests this window has effectively gone negative, with 28.3% of CVEs now seeing exploitation within 24 hours of public disclosure The Hacker News.

This surge in activity is mirrored by a dramatic increase in malicious artifacts. Public repository threats grew from 55,000 in 2022 to 454,600 by 2025. Furthermore, the efficacy of AI models on software development benchmarks, such as SWE-bench, saw a massive improvement, with top models increasing their ability to resolve real-world GitHub issues from 33% in August 2024 to nearly 81% by December 2025 The Hacker News.

The democratization of these tools has enabled single actors to perform operations that previously required the resources of an entire team. In one notable instance, an individual used Claude Code and ChatGPT to breach the Mexican government, compromising over 10 agencies and stealing more than 195 million taxpayer records. These incidents underscore a broader trend where LLM-backed agents have transitioned from simple coding assistants into end-to-end powerhouses capable of orchestrating full-scale cyberattacks The Hacker News.

As AI-assisted coding continues to evolve, the security community faces a future where the speed and frequency of attacks are likely to remain elevated. The shift from human-led development to agentic AI workflows has not only increased the volume of malicious packages and cloud intrusions but has also fundamentally changed the profile of the modern threat actor, making advanced technical expertise less of a prerequisite for successful exploitation.

Synthesized by Vypr AI