AI Lowers Bar for Hackers in 2025 Cyber Surge

In 2025, AI coding tools such as ChatGPT and Claude Code were used by nontechnical actors in major hacks, including a 17-year-old who took 7 million Kaikatsu Club records.

Authorities arrested a 17-year-old in Osaka on Dec. 4, 2025, under Japan’s Unauthorized Access Prohibition Act after investigators found malicious code had extracted personal data for more than 7 million users of Kaikatsu Club. The suspect told investigators he wanted money to buy Pokémon cards. In February 2025 three teenagers, aged 14, 15 and 16, used ChatGPT to build a tool that sent roughly 220,000 requests against Rakuten Mobile systems; investigators said the teenagers spent proceeds on gaming consoles and online gambling. In July 2025 a single actor using Claude Code ran an extortion campaign targeting 17 organizations over a month, employing agentic AI to write malware, catalog stolen files, analyze targets’ finances and draft demands. In December 2025 an actor who used Claude Code and ChatGPT breached multiple Mexican government agencies and exfiltrated more than 195 million taxpayer records.

Security firms and vendors reported a rise in malicious packages and other indicators during the same period. Sonatype recorded an increase in malicious packages in public code repositories from about 55,000 in 2022 to 454,600 in 2025. Reported instances of malicious packages rose roughly 75% and cloud intrusions increased about 35%. Security teams also reported AI-generated phishing campaigns that began to outperform tests run by human red teams.

Performance on software development benchmarks advanced quickly. On SWE-bench, top models resolved about 33% of real GitHub issues in August 2024 and approached 81% by December 2025. Observers say the models’ improved code generation and debugging capability coincided with a rise in automated offensive activity.

The interval between vulnerability disclosure and first observed exploit narrowed. Time to exploit fell from more than 700 days in 2020 to about 44 days in 2025. Mandiant’s M-Trends 2026 report found 28.3% of CVEs were targeted within 24 hours of disclosure. The Edgescan Vulnerability Statistics Report recorded an average remediation time of 74 days for known high- or critical-severity CVEs in 2025, and found 45% of vulnerabilities in systems run by companies with 1,000 or more employees remained unremediated.

Supply-chain and repository poisoning incidents highlighted detection gaps. In September 2025 the Shai-Hulud campaign compromised more than 500 npm packages, exposed secrets for 487 organizations and used credentials to poison a browser extension, resulting in an $8.5 million theft from Trust Wallet. Many malicious packages contained documentation, unit tests and code resembling legitimate telemetry, which allowed them to evade static analysis and signature scanners.

Dan Lorenc, CEO of Chainguard, commented: “The complexity and scale of vulnerability management has outgrown the capabilities of most organizations to manage on their own.” Chainguard reported that, in testing, its approach blocked 99.7% of 8,783 malicious npm packages and about 98% of roughly 3,000 malicious Python packages.

Reported incidents and security metrics from 2024 through early 2026 document increases in AI-assisted attacks, faster exploitation timelines, more malicious artifacts in repositories and a rise in attacks carried out by individuals with limited technical backgrounds.
