Cybersecurity is not just about defense, it is about protecting profits. Organizations without modern threat intelligence (TI) face escalating breach costs, wasted resources, and operational inefficiencies that hit the bottom line.  

Here is how actionable intel can help businesses cut costs, optimize workflows, and neutralize risks before they escalate. 

Key Takeaways 

• TI turns security into a cost-saving engine by preventing breaches that could otherwise drain millions in recovery and reputational damage. 

• Automation eliminates labor waste, allowing SOC teams to focus on high-value tasks instead of drowning in false positives. 

• TI drives faster response which minimizes disruptions, reducing downtime and the cascading financial losses that follow. 

• Continuous intelligence future-proofs defenses, keeping organizations ahead of evolving threats without constant manual updates. 

• Seamless integration protects existing investments, embedding TI into current workflows without costly overhauls. 

3 Hidden Costs of Ignoring Threat Intelligence 

1. SOC Inefficiency and Burnout 

When SOC analysts lack high-fidelity, context-rich threat intelligence, they are forced to manually investigate thousands of alerts, many of which turn out to be false positives. This relentless cycle wastes time, drains budgets, increases turnover, and leaves critical threats unaddressed.  

Without automation and precise data, teams operate in a constant state of reactive chaos, where even minor incidents consume disproportionate resources. 

• False positives cost enterprises $1.3M annually in wasted labor. 

• Analyst burnout makes people over two times more likely to look for a new job. 

2. Undetected Threats Escalate into Financial Disasters 

Cyberattacks exploit gaps in visibility and slow response times. Organizations relying on outdated or generic TI feeds often miss targeted, evasive threats until it is too late. By the time a breach is detected, the damage in terms of downtime, regulatory fines, and lost customer trust has already begun. The financial effects of a single incident can cripple budgets and erode market position for years. 

• $4.4M is the average breach cost for companies today. 

• 60% of SMBs close within 6 months of a breach. 

3. Compliance Gaps Trigger Fines and Legal Risks 

Regulatory bodies do not accept “we didn’t see it coming” as an excuse. Without real-time, comprehensive TI, organizations struggle to detect, document, and mitigate threats in ways that satisfy auditors. The result is hefty fines, legal battles, and mandatory security overhauls that could have been avoided with proactive intelligence.

• GDPR fines may constitute up to 4% of global revenue or €20M. 

• HIPAA violations may reach $1.5M+ per incident. 

5 Ways Threat Intelligence Saves Money and Resources 

1. Helps Stop Breaches Before They Start 

The financial impact of a cyberattack extends far beyond the immediate incident. Downtime, regulatory penalties, and reputational harm can accumulate into millions in losses even for a single event. Most organizations do not realize how many attacks slip through their defenses until it’s too late. The difference between a near-miss and a full-blown crisis often comes down to how quickly and accurately threats are identified. 

ANY.RUN’s Threat Intelligence Feeds provide actionable, real-time intelligence needed to block threats at the earliest stage. Instead of reacting to breaches after the fact, teams can neutralize risks before they execute, turning potential disasters into routine intercepts. 

How ANY.RUN Helps: 

• TI Feeds and Threat Intelligence Lookup deliver 24× more IOCs per incident from 15,000+ SOCs’ real-world investigations, offering instant, deep context on emerging threats, so analysts confirm and contain attacks in seconds. 

2. Eliminates Wasteful Spending on False Positives 

SOC teams are overwhelmed by alert fatigue, with analysts spending hours each day chasing down irrelevant or duplicate threats. This becomes both a productivity issue and a financial drain, as organizations pay for overtime, burnout, and unnecessary tooling that does not address real risks. The problem compounds when teams lack the context to prioritize threats effectively, leading to misallocated resources and missed critical alerts. 

ANY.RUN’s solutions filter out the noise, ensuring teams focus only on verified, high-impact threats. This shift saves time and redirects budgets from wasteful investigations to proactive and fast incident handling. 

How ANY.RUN Helps: 

• TI Feeds cut through irrelevant alerts, delivering only filtered, malicious IOCs, which saves hours of work and speeds up response.

• TI Lookup enriches alerts with threat context, including TTPs and additional indicators so teams prioritize based on actual risk. 

3. Cuts Labor Costs with Automated Triage 

Manual threat triage is one of the biggest hidden expenses in cybersecurity. Analysts stuck in repetitive, low-value tasks burn out and cost more in overtime and turnover. Delayed responses increase breach risks and force costly retraining. 

Thanks to plug-and-play integrations and API/SDK support, ANY.RUN’s TI solutions connect seamlessly with SOCs’ current software and enhance existing workflows. This reduces unnecessary escalations from Tier 1 to Tier 2 analysts, cutting labor costs and increasing the alert handling capacity without extra hiring. 

How ANY.RUN Helps: 

• TI Lookup can be used to automatically enrich alerts and artifacts, reducing triage time to seconds and giving analysts the context they need to act independently. 

• TI Feeds stream live IOCs via STIX/TAXII directly into SIEM/SOAR/firewall/EDR and other solutions, eliminating manual data entry. 

4. Accelerates Response to Minimize Financial Fallout 

Every minute counts during a cyber incident. Slow detection and response prolong downtime and amplify financial losses, from regulatory fines to customer churn. Organizations without real-time, context-rich TI often struggle to collect actionable insights, delaying critical decisions and letting attacks spread unchecked. 

ANY.RUN’s TI Lookup provides instant, deep context, including a full attack view based on a single indicator, so teams can quickly understand the threat they are dealing with and respond decisively without guesswork. Faster responses limit damage, preserve revenue, and protect customer trust, turning potential crises into manageable events. 

How ANY.RUN Helps: 

• TI Lookup provides sandbox detonation context for threats, so SOCs can see how malware acts on a real system and use the findings to contain it in their infrastructure. 

• TI Feeds supply links to sandbox reports for each indicator, which immediately provides security teams with full visibility into the detected threat’s actions. 

5. Keeps SOCs Up-to-date on Evolving Threats without Manual Work 

Cyber threats evolve daily, but most TI feeds update weekly or monthly, leaving gaps that attackers exploit. Organizations stuck with static, generic IOCs are forced into reactive, costly fixes every time a new attack emerges. This approach poses a direct financial risk, increasing the likelihood of malware slipping through outdated defenses. 

ANY.RUN’s TI Feeds update continuously with data from live investigations by 500,000 security analysts, ensuring defenses adapt automatically to new threats. TI Lookup’s MITRE ATT&CK integration helps teams anticipate attacker moves, turning security from a cost center into a strategic advantage. 

How ANY.RUN Helps: 

• TI Feeds are continuously updated in real time, delivering 99% unique IOCs, so SOCs can stay ahead of emerging threats and detect attacks that are missed by other tools. 

• TI Lookup’s Query Updates help SOCs to get new indicators and samples for threats of their interest to keep up with evolving infrastructure and enrich proactive defense. 

Success Story: International Transport Company 

Challenge 

A transportation company faced constant cyber threats, especially through email phishing and malware attacks. Attackers frequently changed their infrastructure, making it hard to track and block threats in time. The security team struggled to manually monitor evolving attacks, which risked exposing sensitive communications and disrupting operations. 

Solution 

The company used ANY.RUN’s Threat Intelligence Lookup to automate threat tracking. They set up custom search queries for specific threats like geo-targeted attacks, CVEs, and phishing domains and subscribed to real-time updates. This allowed them to focus on active threats, convert new threat data into detection rules, and respond faster without manual searches. 

Results 

• Faster Threat Detection: Automated alerts helped the team spot and block attacks like phishing and malware campaigns before they caused damage. 

• Better Resource Use: The team saved time by reducing manual research, letting them focus on high-priority threats and improve overall security. 

• Proactive Defense: Real-time updates on active threats allowed the company to strengthen defenses and stay ahead of attackers.. 

Conclusion

Threat intelligence solutions like ANY.RUN’s TI Feeds and TI Lookup both improve security and deliver measurable cost savings, resource optimization, and risk reduction. By automating triage, eliminating false positives, and accelerating response, businesses can: 

• Avoid breach-related costs (downtime, fines, reputation damage). 

• Cut labor expenses (overtime, hiring, turnover). 

• Optimize security budgets (focus on high-impact threats). 

• Future-proof defenses (adapt to evolving attacks). 

About ANY.RUN   

ANY.RUN is built to help security teams detect threats faster and respond with greater confidence. Our Interactive Sandbox delivers real-time malware analysis and threat intelligence, giving analysts the clarity they need when it matters most.    

With support for Windows, Linux, and Android environments, our cloud-based sandbox enables deep behavioral analysis without the need for complex setup. Paired with Threat Intelligence Lookup and TI Feeds, ANY.RUN provides rich context, actionable IOCs, and automation-ready outputs, all with zero infrastructure burden.   

Start your 14-day trial now →   

The post 5 Ways Threat Intelligence Saves Businesses Money and Resources  appeared first on ANY.RUN’s Cybersecurity Blog.

ANY.RUN’s Cybersecurity Blog – ​Read More

Recently, we have hosted a webinar exploring some of the latest malware and phishing techniques to show how interactive analysis and fresh threat intelligence can help SOC teams stay ahead.

ANY.RUN’s experts depicted the evolving landscape of malware tactics, highlighted real-world examples of sophisticated attacks, and provided practical detection tips for analysts.  
 
You can watch the session on ANY.RUN’s YouTube channel or read our quick recap below.  

Join us on social media not to miss new event announcements: LinkedIn; X.com, Discord.  

Key Takeaways 

1. QR Code Threats are Evolving: Phishkit attacks increasingly use QR codes to evade detection, as many security solutions still cannot adequately scan and analyze QR code content. 

2. Interactive Analysis is Critical: Traditional automated tools fail against sophisticated attacks like ClickFix that require human interaction to fully execute. SOC teams need sandbox environments capable of manual navigation through CAPTCHAs and multi-stage social engineering attacks. 

3. System Binaries are Attack Vectors: Living Off the Land Binary (LOLBin) abuse allows attackers to hide malicious activities within trusted system processes like PowerShell and mshta.exe, making detection extremely challenging without advanced behavioral analysis. 

4. Real-Time Threat Intelligence is Essential: Access to current, actionable intelligence from global SOC investigations can reduce mean time to response by up to 21 minutes per case and provide crucial context for suspicious activities. 

5. Automation Reduces Analyst Burden: Strategic automation can decrease Tier 1 case loads by up to 20% and reduce escalations to senior analysts by 30%, allowing teams to focus on high-value threat hunting and response activities. 

The Growing Challenge: New Techniques, Low Detection Rates 

Low detection rates remain a critical issue for SOC teams. As attackers employ new evasion techniques, missed threats can lead to severe infrastructure damage, asset compromise, and reputational harm.  

The webinar covered three key tactics: ClickFix attacks using steganography payloads, phishing kits with Tycoon2FA‘s new evasion chain, and Living Off the Land Binaries (LOLBins) in DeerStealer attacks. 

Establishing Fast Detection and Proactive Defense with ANY.RUN 

Attackers are relentless in refining their malware and phishing tactics, but SOC teams can fight back effectively with the right solutions. By combining hands-on interactive analysis, automation, and shared threat intelligence, ANY.RUN helps SOCs cut through alert noise, accelerate detection, and strengthen proactive defense. 

Organizations implementing advanced detection strategies should track several key metrics to measure success: 

• Detection Rate Improvement: 88% of threats become visible within 60 seconds of analysis. 

• Mean Time to Response Reduction: Advanced detection reduces MTTR by up to 21 minutes per case. 

• Escalation Reduction: Effective training and services can reduce escalations from Tier 1 to Tier 2 analysts by 30%. 

• Overall Performance Multiplier: Some organizations report up to 3x better performance. 

Three Critical Attack Vectors Demanding Attention 

1. ClickFix Attacks: The Steganography Challenge 

ClickFix represents one of the most insidious social engineering attacks currently targeting organizations. This technique leverages fake error messages and CAPTCHA challenges to trick users into manually executing malicious PowerShell commands through clipboard hijacking. 

The attack typically begins with phishing emails or compromised websites that present users with seemingly legitimate verification processes. The sophisticated nature of these attacks lies in their multi-layered deception: 

• Double Spoofing: Attackers create fake versions of trusted websites (such as booking platforms) and combine them with convincing CAPTCHA challenges. 

• Manual Execution Requirement: The attack only proceeds when users manually follow instructions, making it extremely difficult for automated systems to detect. 

• Clipboard Manipulation: Malicious commands are silently copied to the user’s clipboard without notification. 

• Social Engineering: Users are instructed to paste and execute clipboard contents through system dialog boxes. 

We can see these TTPs in action by analyzing a ClickFix sample in the Sandbox.  

A user is required to click through a (fake) CAPTCHA — this is where most automated tools will stumble thus missing the threat, but ANY.RUN’s Sandbox interactivity allows to solve the task.  

Upon the click on the CAPTCHA, a malicious command is copied to the user’s clipboard without any notification. It is a PowerShell script:  

  

A popup appears next, directing the user to run the command.  

The process tree in the Sandbox allows us to view the entire event chain from the initial command execution to the final payload. 
 
Once executed, ClickFix attacks can deploy various malware types, including Lumma Stealer, AsyncRAT, and ransomware. The technique’s effectiveness stems from its ability to bypass traditional detection mechanisms that cannot simulate human interaction or navigate through interactive elements like CAPTCHAs. 

In our case, the attack has delivered not only AsyncRAT, but also DCRAT. The Sandbox tells us that it has created files in the startup directory. This is a standard persistence mechanism that allows the malware to continue working even after a system reboot. 

The sandbox tells us that it has created files in the startup directory.  

This is a standard persistence mechanism that allows the malware to continue working even after a system reboot. 

Detection of ClickFix attacks requires interactive analysis capabilities that can replicate human behavior in a controlled environment. Traditional automated scanning tools will typically fail at the CAPTCHA stage, leaving the threat undetected and potentially allowing it to reach end users. 

To see variants of ClickFix attacks with varying scenarios and payloads and gather IOCs for detection rules, query the technique in ANY.RUN’s Threat Intelligence Lookup. The data comes from sandbox analyses of over 15,000 SOC teams around the world who investigate real-world recent incidents.    

threatName:”ClickFix” 

2. PhishKit Attacks: Advanced Evasion Through QR Code Obfuscation 

Phishkit attacks represent a significant evolution in phishing campaign sophistication. These pre-packaged toolkits, often sold on dark web marketplaces, enable even unskilled attackers to create highly convincing phishing campaigns that mimic trusted brands like Microsoft, Google, and other major service providers. 

The latest iterations of phishkit attacks incorporate several advanced evasion techniques:  

• QR Code Integration: Malicious links are embedded within QR codes in PDF attachments, often styled to appear as legitimate DocuSign documents. 

• Mobile Device Targeting: QR codes naturally direct victims to mobile devices, where phishing indicators may be less visible on smaller screens. 

• Multi-Stage Human Interaction Checks: Attacks include various verification steps designed to evade automated analysis. 

• AI-Generated Content: Some variants use artificial intelligence to create more convincing phishing content. 

In spite of the anti-evasion techniques, ANY.RUN’s Sandbox can automatically detonate these attacks. Automated Interactivity handles this without analysts’ manual effort: view an analysis.  

In the Actions section, we can see the steps the Sandbox performed to detonate each attack stage. The attack begins with an email that has a pdf attachment styled to appear as a legitimate DocuSign document.   
 
The document contains a QR code: a common trick in phishing attacks these days that can be very effective. First, it lets attackers avoid detection because many security solutions still cannot scan QR codes. Second, most people use mobile devices to scan codes, so the attack further unfolds on a smaller screen making it harder to spot signs of phishing.   
 
The Sandbox extracts the link from the QR code, follows it to a page with a Cloudflare Turnstile CAPTCHA, and solves the CAPTCHA. The final stage of the kill chain is a very convincing fake Microsoft 365 login page designed to steal credentials.  

Popular phishkits like Tycoon2FA and Mamba2FA have been linked to sophisticated threat groups, including Storm-1747, demonstrating the organized nature of these campaigns. The QR code obfuscation technique is particularly effective because many security solutions still cannot adequately scan and analyze QR codes for malicious content. 

To find more samples of phishkit attacks employing QR codes and targeting companies in your location, use the following TI Lookup request (replace Spain’s country code by your own): 

threatName:”qrcode” and threatName:”phishing” AND submissionCountry:”es” 

Effective detection requires systems capable of: 

• Automatically extracting and analyzing URLs from QR codes. 

• Solving various CAPTCHA challenges without human intervention. 

• Following multi-stage attack chains to their ultimate payload. 

• Identifying sophisticated phishing page designs that closely mimic legitimate services. 

ANY.RUN’s customers report that the autonomous interactive analysis in the Sandbox brings the total case load for L1s down by up to 20%.   

3. Living Off the Land Binaries (LOLBins): Exploiting System Trust  

The abuse of Living Off the Land Binaries represents one of the most challenging detection scenarios for SOC teams. This technique involves hijacking legitimate Windows system utilities such as PowerShell, mshta.exe, and cmd.exe to execute malicious activities while blending with normal system processes. LOLBin abuse is particularly effective due to: 

• Legitimate Process Masquerading: Malicious activities appear to originate from trusted system binaries. 

• Antivirus Evasion: Many security solutions whitelist system utilities, allowing malicious commands to execute undetected. 

• Environmental Consistency: Attacks use tools that exist in every Windows environment, ensuring compatibility. 

• Reduced Forensic Footprint: Activities may be harder to distinguish from legitimate administrative tasks. 

Let’s observe an example of a typical LOLBin attack. 

It might begin with a malicious .lnk file that executes mshta.exe through PowerShell to download executable files from remote servers. The attack chain often includes decoy actions (such as downloading legitimate PDF files) to distract from the real malicious payload delivery.  

We can see how the malware first downloads a .pdf file as a way to distract analysts, a moment later it downloads the final payload and executes it. 

In this attack, the payload is DeerStealer, which can steal sensitive information and establish persistent access to compromised systems. The challenge for SOC teams lies in distinguishing between legitimate system administration activities and malicious abuse of the same tools. 
 
The biggest problem with LOLBin abuse is that it’s hard to spot once the infection takes place. In the example above, the script connects to an external server to download the payload, and this activity would be spotted by detection systems.   

But an analyst might see it as a false positive because there’s no context for what happened after the connection. The context linking indicators to real incidents for fast, free of false-positives threat detection, SOC teams can leverage ANY.RUN’s Threat Intelligence Feeds.  

TI Feeds is a continuous stream of actionable network IOCs straight to SIEM, XDR, or SOAR systems, and helps SOC teams detect and block threats as soon as they emerge in malware samples. Just like TI Lookup, TI Feeds derives data from the latest sandbox investigations of 15,000 SOC teams around the world.   

This approach provides malicious IPs, domains, and URLs that have been active for no more than several hours and can still be used to detect attacks that are happening right now.  All IOCs are linked to sandbox analysis sessions with all the telemetry and behavior data.  

Conclusion 

ClickFix attacks, advanced PhishKits, and LOLBin abuse represent just a few examples of the challenges facing modern SOC teams. 

Success in this environment requires a comprehensive approach that combines interactive analysis capabilities, current threat intelligence, and strategic automation. Organizations that invest in these capabilities see measurable improvements in detection rates, response times, and overall security posture. 

About ANY.RUN  

ANY.RUN supports over 15,000 organizations across industries such as banking, manufacturing, telecommunications, healthcare, retail, and technology, helping them build stronger and more resilient cybersecurity operations.   
 
With our cloud-based Interactive Sandbox, security teams can safely analyze and understand threats targeting Windows, Linux, and Android environments in less than 40 seconds and without the need for complex on-premise systems. Combined with TI Lookup, YARA Search, and TI Feeds, we equip businesses to speed up investigations, reduce security risks, and improve teams’ efficiency. 

The post New Malware Tactics: Cases & Detection Tips for SOCs and MSSPs appeared first on ANY.RUN’s Cybersecurity Blog.

ANY.RUN’s Cybersecurity Blog – ​Read More

Although the benefits of AI assistants in the workplace remain debatable, where they’re being adopted most confidently of all is in software development. Here, LLMs play many roles — from refactoring and documentation, to building whole applications. However, traditional information security problems in development are now compounded by the unique vulnerabilities of AI models. At this intersection, new bugs and issues emerge almost weekly.

Vulnerable AI-generated code

When an LLM generates code, it may include bugs or security flaws. After all, these models are trained on publicly available data from the internet — including thousands of examples of low-quality code. A recent Veracode study found that leading AI models now produce code that compiles successfully 90% of the time. Less than two years ago, this figure was less than 20%. However, the security of that code has not improved — 45% still contains classic vulnerabilities from the OWASP Top-10 list, with little change in the last two years. The study covered over a hundred popular LLMs and code fragments in Java, Python, C#, and JavaScript. Thus, regardless of whether the LLM is used for “code completion” in Windsurf or “vibe coding” in Loveable, the final application must undergo thorough vulnerability testing. But in practice this rarely happens: according to a Wiz study, 20% of vibe-coded apps have serious vulnerabilities or configuration errors.

As an example of such flaws, the case of the women-only dating app, Tea, is often used, which became notorious after two major data leaks. However, this app predates vibe coding. Whether AI was to blame for Tea’s slip-up will be determined in court. In the case of the startup Enrichlead, though, AI was definitely the culprit. Its founder boasted on social media that 100% of his platform’s code was written by Cursor AI, with “zero hand-written code”. Just days after its launch, it was found to be full of newbie-level  security flaws — allowing anyone to access paid features or alter data. The project was shut down after the founder failed to bring the code up to an acceptable security standard using Cursor. However, he remains undeterred and has since started new vibe-coding-based projects.

Common vulnerabilities in AI-generated code

Although AI-assisted programming has only existed for a year or two, there’s already enough data to identify its most common mistakes. Typically, these are:

• Lack of input validation, no sanitization of user input from extraneous characters, and other basic errors leading to classic vulnerabilities such as cross-site scripting (XSS) and SQL injection.
• API keys and other secrets hardcoded directly into the webpage, and visible to users in its code.
• Authentication logic implemented entirely on the client side, directly in the site’s code running in the browser. This logic can be easily modified to bypass any checks.
• Logging errors — from insufficient filtering when writing to logs, to a complete absence of logs.
• Overly powerful and dangerous functions — AI models are optimized to output code that solves a task in the shortest way possible. But the shortest way is often insecure. A textbook example is using the eval function for mathematical operations on user input. This opens the door to arbitrary code execution in the generated application.
• Outdated or non-existent dependencies. AI-generated code often references old versions of libraries, makes outdated or unsafe API calls, or even tries to import fictitious libraries. The latter is particularly dangerous because attackers can create a malicious library with a “plausible” name, and the AI agent will include it in a real project.

In a systematic study, the authors scanned AI-generated code for weaknesses included in the MITRE CWE Top 25 list. The most common issues were CWE-94 (code injection), CWE-78 (OS command injection), CWE-190 (integer overflow), CWE-306 (missing authentication), and CWE-434 (unrestricted file upload).

A striking example of CWE-94 was the recent compromise of the Nx platform, which we covered previously. Attackers managed to trojanize a popular development tool by stealing a token enabling them to publish new product versions. The token theft exploited a vulnerability introduced by a simple AI-generated code fragment.

Dangerous prompts

The well-known saying among developers “done exactly according to the spec” also applies when working with an AI assistant. If the prompt for creating a function or application is vague and doesn’t mention security aspects, the likelihood of generating vulnerable code rises sharply. A dedicated study found that even general remarks like “make sure the code follows best practices for secure code” reduced the rate of vulnerabilities by half.

The most effective approach, however, is to use detailed, language-specific security guidance referencing MITRE or OWASP error lists. A large collection of such security instructions from Wiz Research is available on GitHub; it’s recommended to add them to AI assistants’ system prompts via files like claude.md, .windsurfrules, or similar.

Security degradation during revisions

When AI-generated code is repeatedly revised through follow-up prompts, its security deteriorates. A recent study had GPT-4o modify previously written code up to 40 times, while researchers scanned each version for vulnerabilities after every round. After only five iterations, the code contained 37% more critical vulnerabilities than the initial version. The study tested four prompting strategies — three of which each having a different emphasis: (i) performance, (ii) security, and (iii) new functionality; the fourth was written with unclear unclear prompts.

When prompts focused on adding new features, 158 vulnerabilities appeared — including 29 critical ones. When the prompt emphasized secure coding, the number dropped significantly — but still included 38 new vulnerabilities, seven of them critical.

Interestingly, the “security-focused” prompts resulted in the highest percentage of errors in cryptography-related functions.

Ignoring industry context

In sectors such as finance, healthcare, and logistics there are technical, organizational, and legal requirements that must be considered during app development. AI assistants are unaware of these constraints. This issue is often called “missing depth”. As a result, storage and processing methods for personal, medical, and financial data mandated by local or industry regulations won’t be reflected in AI-generated code. For example, an assistant might write a mathematically correct function for calculating deposit interest, but ignore rounding rules enforced by regulators. Healthcare data regulations often require detailed logging of every access attempt — something AI won’t automatically implement at the proper level of detail.

Application misconfiguration

Vulnerabilities are not limited to the vibe code itself. Applications created through vibe coding are often built by inexperienced users, who either don’t configure the runtime environment at all, or configure it according to advice from the same AI. This leads to dangerous misconfigurations:

• Databases required by the application are created with overly broad external access permissions. This results in leaks like Tea/Sapphos, where the attacker doesn’t even need to use the application to download or delete the entire database.
• Internal corporate applications are left accessible to the public without authentication.
• Applications are granted elevated permissions for access to critical databases. Combined with the vulnerabilities of AI-generated code, this simplifies SQL injections and similar attacks.

Platform vulnerabilities

Most vibe-coding platforms run applications generated from prompts directly on their own servers. This ties developers to the platform — including exposure to its vulnerabilities and dependence on its security practices. For example, in July a vulnerability was discovered in the Base44 platform that allowed unauthenticated attackers to access any private application.

Development-stage threats

The very presence of an assistant with broad access rights on the developer’s computer creates risks. Here are a few examples:

The CurXecute vulnerability (CVE-2025-54135) allowed attackers to order the popular AI development tool, Cursor, to execute arbitrary commands on the developer’s machine. All this needed was an active Model Context Protocol (MCP) server connected to Cursor, which an external party could use for access. This is a typical situation — MCP servers give AI agents access to Slack messages, Jira issues, and so on. Prompt injection can be performed through any of these channels.

The EscapeRoute vulnerability (CVE-2025-53109) allowed reading and writing of arbitrary files on the developer’s disk. The flaw existed in Anthropic’s popular MCP server, which lets AI agents write and read files in the system. The server’s access restrictions just didn’t work.

A malicious MCP server that let AI agents send and receive email via Postmark simultaneously forwarded all correspondence to a hidden address. We predicted the emergence of such malicious MCP servers back in September.

A vulnerability in the Gemini command-line interface allowed arbitrary command execution when a developer simply asked the AI assistant to analyze a new project’s code. The malicious injection was triggered from a readme.md file.

Amazon’s Q Developer extension for Visual Studio Code briefly contained instructions to wipe all data from a developer’s computer. An attacker exploited a mistake of Amazon’s developers, and managed to insert this malicious prompt into the assistant’s public code without special privileges. Fortunately, a small coding error prevented it from being executed.

A vulnerability in the Claude Code agent (CVE-2025-55284) allowed data to be exfiltrated from a developer’s computer through DNS requests. Prompt injection, which relied on common utilities that run automatically without confirmation, could be embedded in any code analyzed by the agent.

The autonomous AI agent Replit deleted the primary databases of a project it was developing because it decided the database required a cleanup. This violated a direct instruction prohibiting modifications (code freeze). Behind this unexpected AI behavior lays a key architectural flaw — at the time, Replit had no separation between test and production databases.

A prompt injection placed in a source code comment prompted the Windsurf development environment to automatically store malicious instructions in its long-term memory, allowing it to steal data from the system over months.

In the Nx compromise incident, command-line tools for Claude, Gemini, and Q were used to search for passwords and keys that could be stolen from an infected system.

How to use AI-generated code safely

The risk level from AI-generated code can be significantly, though not completely reduced through a mix of organizational and technical measures:

• Implement automatic reviewing of AI-generated code as it’s written using optimized SAST tools.
• Embed security requirements into the system prompts of all AI environments.
• Have experienced human specialists perform detailed code reviews, supported by specialized AI-powered security analysis tools to increase effectiveness.
• Train developers to write secure prompts and, more broadly, provide them with in-depth education on the secure use of AI.

Kaspersky official blog – ​Read More

It’s been ten years since two researchers — Charlie Miller and Chris Valasek — terrified a Wired journalist (and then the whole world) with their remote hack of a Jeep Cherokee speeding down the highway. It played out like something straight out of a Stephen King novel — a possessed car gone rogue. The wipers started moving on their own, buttons stopped responding, the radio blasted uncontrollably, and the brake pedal went dead. We’ve covered that case in detail plenty before: here, here, and here.

Since then, cars have continued to evolve rapidly to integrate an ever-wider array of features. Digital electronics now control almost everything — from the engine and fuel systems to autopilot, passenger safety, and infotainment. That also means every interface or component can become a hacker’s entry point: MOST, LIN, and CAN buses, OBD ports, Ethernet, GPS, NFC, Wi-Fi, Bluetooth, LTE… But hey — on the bright side, the latest CarPlay lets you change your dashboard wallpaper!

Jokes aside, the most serious attacks no longer target individual vehicles, but rather their manufacturers’ servers. In 2024, for example, Toyota lost 240GB of data, including customer information and internal network details. A single compromised server can expose millions of vehicles at once.

Even the United Nations has taken note, and for once didn’t stop at “expressing concern”. Together with automakers, the UN has developed two key regulations — UN R155 and UN R156 — setting high-level cybersecurity and software update requirements for vehicle manufacturers. Also relevant is the ISO/SAE 21434:2021 standard, introduced in 2021, which details methods to mitigate cyber-risks throughout vehicle production. Though the above, technically, are recommendations, automakers have a strong incentive to comply: mass recalls can cost tens or even hundreds of millions of dollars. Case in point: following the incident mentioned earlier, Jeep had to recall 1.4 million vehicles in the U.S. alone — and faced a whopping $440 million in lawsuits.

Surprisingly, the UN’s efforts have had real impact. In the last two years, the strict new rules have already led to the discontinuation of several older models, simply because they were designed before the regulations came into force. The discontinued models in 2024 include the Porsche 718 Boxster and Cayman (July), Porsche Macan ICE (April), Audi R8 and TT (June), VW Up! and Transporter 6.1 (June), and Mercedes-Benz Smart EQ Fortwo (April).

What exactly can hackers do?

There are plenty of ways cybercriminals can cause trouble for drivers:

• Creating dangerous situations. Disabling brakes, blasting loud music, or triggering other distractions (as in the Jeep case) can serve as psychological pressure or direct physical threats to anyone inside the vehicle.
• Stealing telematics data. This can be used to launch a targeted attack on specific individuals. In 2024, millions of Kia vehicles were found vulnerable to remote tracking via a dealer portal. With just a license plate number, attackers could locate the car in real time, lock or unlock the doors, start or stop the engine, and even honk the horn. Similar issues have affected BMW, Mercedes, Ferrari, and other manufacturers. Researchers also discovered that by compromising smart alarm systems they could listen to what’s going on in the interior of the car, access vehicle history, and steal owners’ personal data.
• Stealing the car itself. For example, by using devices such as CAN injectors, which connect to the vehicle’s CAN bus (through the headlight circuit, for example) and send commands that mimic signals from the real key.
• Stealing payment data. You might wonder why a car would hold the owner’s credit card info? Well, one was needed to pay for BMW’s heated seat subscription, for example. But while that particular scheme was scrapped after a public backlash, the “everything-as-a-service” trend continues. For example, in 2023, Mercedes-Benz offered electric car drivers the option to pay extra for faster acceleration. The feature would shave 0.9 seconds off the 0–100km/h time for an annual fee of US$600–900!

How real is the threat to your car?

First, let’s determine which category your vehicle falls into. Kaspersky ICS-CERT experts roughly divide all cars into three groups:

Obsolete vehicles — no risk

Vehicles in this group have no interaction with external information systems via digital channels. Their control units are minimal, and the only interface (if any) is the diagnostic OBD port. They can’t be hacked remotely, and there are no known cases of cyberattacks against them — the only real threat is traditional theft. Even if you install a modern multimedia head unit or an emergency response system, those modules remain isolated from the car’s internal components, preventing any attack on critical systems.

Legacy vehicles — highest risk

These models come in-between older cars with nothing to hack (“when cars were car”, etc.), and today’s “computers on wheels” packed with sensors and interfaces. Most of their systems and controls are digital. They typically include a telematics unit for wireless connectivity, a powerful infotainment system, and intelligent driver-assistance features.

Together, these modules form a poorly protected information network where the ability to remotely adjust vehicle settings or control certain systems creates plenty of potential attack vectors. Owners often replace the outdated factory head units with new ones from third-party manufacturers — which rarely prioritize cybersecurity.

Such models are the most vulnerable to serious cyberattacks — including those that can endanger the driver’s or passengers’ lives. But no one is planning serious security updates for them anymore. That ill-fated Jeep mentioned earlier falls squarely into this category.

Modern vehicles — medium risk

The latest models take into account lessons learned from past mistakes, as well as newly developed standards and regulations. Manufacturers now use segmented network architectures with a central gateway that filters traffic to isolate critical systems from the components most exposed to attack — the infotainment and telecom modules.

Major automakers (General Motors was among the first, plus Tesla, Ford, Hyundai, BMW, Mercedes, Volkswagen, Toyota, Honda, and component makers like Bosch and Continental) now have dedicated cybersecurity teams and conduct penetration testing.

However, this doesn’t mean these cars are completely secure. Researchers regularly find new vulnerabilities even in the most advanced models, because their attack surface is far larger than that of older vehicles.

By the way, Kaspersky has developed its own car cybersecurity solution — Kaspersky Automotive Secure Gateway, so our top-tier protection will soon be available for vehicles too.

What to look out for when buying a car?

When buying a new vehicle these days, consider not only the technical specs but also its cybersecurity. Start by checking online for reports of cyberattacks on specific models or their manufacturers — such incidents rarely go unnoticed.

If possible, find information about the following:

• The information network architecture of the car
• The presence of a central security gateway
• Separation of the car’s network into security domains
• Support of CAN-message encryption

You should also ask the dealer the right questions:

• What cybersecurity systems are built into the car?
• How often are software updates released for this model, and how are they installed?
• How can unused smart functions be disabled?

How do you set everything up correctly if you already have a car?

Start with the manufacturer’s mobile app (if one exists).

• Set a strong, unique password that doesn’t contain any personal information. For help with this, see Creating an unforgettable password.
• Strengthen your account security with two-factor authentication or passkeys, if available.
• Regularly check the activity log and the list of devices connected to your account.
• Disable any unused features in both the app and the car.

Next, tighten up the privacy settings in the car itself.

• Turn off telemetry collection where possible.
• Limit access to microphones and cameras.
• Clear your travel history and saved contacts before selling the car.

And let’s not forget about managing connected devices.

• Regularly review paired Bluetooth devices.
• If possible, prohibit Bluetooth pairing without confirmation.
• Remove connections to the devices of previous owners or passengers.
• Disable automatic connection to unknown Wi-Fi networks.

A few final tips:

• Keep your car’s software up to date: install firmware updates as soon as they’re released. Enable automatic notifications for available updates in the car settings.
• Monitor telemetry access: regularly check what data your car collects and who it’s shared with. Many of the latest cars let you limit personal data collection.

What to do if you suspect your car is hacked?

First, ask yourself: “What’s the evidence?” and check for the following signs of compromise:

• Vehicle features unexpectedly turning on and off
• Rapid battery drain with no obvious cause
• Strange notifications in the vehicle’s mobile app
• Inability to control the car normally

If you suspect a hack, do the following:

• Disconnect the car from the internet. Remove the SIM card if possible, or contact your mobile operator to block data transfer for the number linked to the vehicle.
• Change passwords for the car’s mobile app. If possible, terminate all sessions tied to your account (often an option in the settings), or review all connections and remove any unknown devices.
• Take photos of any alerts the car displays.
• If you’ve entered payment card details in the car, block the card immediately.
• Contact an authorized dealer for diagnostics.
• Contact the vehicle manufacturer’s support.
• If you suspect data theft, report it to the police.

Note that for private owners, the most likely threats are tracking and theft. However, for organizations that operate fleets (taxis, car-sharing, transportation or construction equipment companies), the risks are significantly higher. For a deeper dive into current automotive cybersecurity trends, check out our report on the Kaspersky ICS CERT site.

Want to learn more about other threats to car owners? Browse our relevant posts:

• How millions of Kia cars could be tracked
• I know how you drove last summer
• Spies on wheels: how carmakers collect and then resell information
• Automotive apps: who gets your car keys?
• Hacking smart car alarm systems

Kaspersky official blog – ​Read More

Our experts have detected a fraudulent email campaign on behalf of well-known airlines and airports. Since the beginning of September, our solutions have detected and blocked thousands of similar emails in which scammers posed as employees of Amsterdam Schiphol, Emirates Airlines, Etihad Airways, Lufthansa, Qatar Airways, and other well-known large aviation-related companies. Our experts then started discovering similar mailings exploiting the names of companies in the oil and gas sector. The attackers are imitating normal business correspondence, pretending to be looking for new partners and targeting companies of various sizes and from various industries. The essence of the scheme boils down to convincing the recipients of emails to transfer money to the fraudsters’ accounts.

How the fraudulent scheme works

Attackers try to draw the victim into a correspondence exchange. At the first stage, they send the victim a rather innocuous email on behalf of the procurement department of a major airline or airport, in which they announce the start of a partnership program for 2025/2026, and offer them mutually beneficial cooperation. If the recipient responds, the second stage begins: they send several documents to divert attention — registration forms for a new partner, non-disclosure agreements, and so on.

These emails don’t contain malicious attachments or links, and there are no hidden scripts in the documents, so basic defense mechanisms don’t always block such correspondence. Attackers use only social engineering techniques. In the next letter they ask to pay a certain “mandatory refundable deposit as an expression of interest” of around several thousand dollars. The purpose of this payment is supposedly to secure a priority place on the schedule for consideration of partnership proposals. And the authors of the email give assurances that once the partnership agreement is finalized the money will be returned.

How to realize there’s something wrong with the email

The letters used in this campaign look very plausible, but some inconsistencies can still be detected with the naked eye. The first thing to look closely at is the sender’s e-mail address. It often contains the name of the organization whose employees the scammers are imitating. But if you search for the company’s real website and examine addresses listed at the contact section, you’ll see that the legitimate address of the airport or airline employees have a different domain name. Sometimes attackers don’t bother to keep the From field plausible at all, and simply write the name of the imitated organization in the displayed name field, so you can see a completely unrelated domain in the email address field.

The general rule for business correspondence that for some reason raises suspicion: if there are any doubts, you can write a letter to the address specified on the official website of the company and clarify whether an affiliate program mentioned in the emails really exists, whether the sender works for this company, and whether the address used in a suspicious email is their real email.

But the main red flag is the offer to make a deposit to “express interest”. Respectable companies don’t work that way. They choose partners, suppliers, and contractors after a serious and comprehensive business reputation check — not based on the ability to transfer a small (by their standards) amount of money.

How to protect your company from fraudsters

Ideally, you should implement solutions that prevent fraudulent, phishing and malicious emails from reaching employee inboxes in the first place. We recommend installing strong protection at the corporate email gateway level.

Another important aspect of protecting your company from cyberthreats is to increase employee awareness of scammers’ tricks and other cyberthreats. Particular attention should be paid to training for finance, sales and procurement staff. Comprehensive training sessions can be conducted, for example, via our online Kaspersky Automated Security Awareness Platform.

Kaspersky official blog – ​Read More