Hackers Hijack AI Tools to Launch Malicious Payloads
Hackers are exploiting misconfigured artificial intelligence tools to launch sophisticated cyberattacks by generating malicious AI-powered payloads, according to researchers at Sysdig. These intrusions leverage exposed APIs, unsecured machine learning environments, and open-source platforms like Jupyter and TensorFlow to gain unauthorized access.
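The "misconfigured AI tools" that give attackers their foothold are often as simple as a Jupyter server started with authentication switched off and bound to every network interface. The following audit script is an added example (not code from Sysdig or the Jupyter project): it checks a Jupyter Server configuration, supplied as the same dictionary structure `jupyter_server_config.json` uses, for the weak settings a defender should catch before the server is ever exposed. The key names (`ServerApp.ip`, `ServerApp.token`, `ServerApp.password`, `ServerApp.allow_remote_access`, `ServerApp.allow_origin`, and the newer `IdentityProvider.token`) are Jupyter's own; both sample configurations are constructed for the example, and the password hash in the hardened one is a placeholder.

```python
"""Audit a Jupyter Server config for settings that leave an ML environment
reachable without authentication. Added example with constructed configs."""
import json
from typing import Any, Dict, List

# Bind addresses that expose the server beyond the local host.
ALL_INTERFACES = {"0.0.0.0", "::", "*", ""}

# Constructed weak configuration: token auth disabled, no password,
# bound to all interfaces, remote access and any-origin CORS enabled.
WEAK_CONFIG: Dict[str, Any] = {
    "ServerApp": {
        "ip": "0.0.0.0",
        "token": "",
        "password": "",
        "allow_remote_access": True,
        "allow_origin": "*",
    }
}

# Constructed hardened configuration: loopback only, hashed password set,
# token left unset so Jupyter generates a random one at start-up.
HARDENED_CONFIG: Dict[str, Any] = {
    "ServerApp": {
        "ip": "127.0.0.1",
        "password": "argon2:$argon2id$PLACEHOLDER_HASH",  # placeholder, not a real hash
        "allow_remote_access": False,
        "allow_origin": "",
    }
}


def _app_section(cfg: Dict[str, Any]) -> Dict[str, Any]:
    # Jupyter Server uses "ServerApp"; the classic notebook used "NotebookApp".
    return cfg.get("ServerApp") or cfg.get("NotebookApp") or {}


def audit_jupyter_config(cfg: Dict[str, Any]) -> List[str]:
    """Return a list of findings; an empty list means no weak setting was seen."""
    app = _app_section(cfg)
    findings: List[str] = []

    # Jupyter Server 2.x moved the token to IdentityProvider; fall back to the app section.
    token = cfg.get("IdentityProvider", {}).get("token", app.get("token"))
    password = app.get("password", "")
    # An absent token means Jupyter generates a random one (safe); an explicit
    # empty string disables token authentication entirely.
    no_auth = token == "" and not password
    if no_auth:
        findings.append("authentication disabled (token='' and no password)")

    ip = app.get("ip", "localhost")  # Jupyter's default is localhost
    if ip in ALL_INTERFACES:
        findings.append(f"listening on all interfaces (ip={ip!r})")

    if no_auth and app.get("allow_remote_access", False):
        findings.append("remote access permitted without authentication")

    if app.get("allow_origin") == "*":
        findings.append("CORS allow_origin='*' lets any web page reach the server API")

    return findings


def audit_jupyter_config_json(text: str) -> List[str]:
    """Audit a config given as the JSON text of jupyter_server_config.json."""
    return audit_jupyter_config(json.loads(text))


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}: {audit_jupyter_config(cfg) or ['no findings']}")
```

Run against a real deployment, the script would read the JSON config file (or the exported values of a Python config) from the host's Jupyter config directory; the point of the checks is that an empty token string, not a missing one, is the dangerous case, and that a non-loopback bind address only matters in combination with the authentication settings.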
Once inside, attackers use the compromised AI infrastructure to create dynamic, context-aware malware, phishing content, and social engineering scripts. By injecting prompts into language models or manipulating training data, they generate code that traditional detection systems struggle to identify.
The attacks often leave behind corrupted AI models that continue producing harmful outputs after the initial intrusion has ended, creating long-term security risks. Analysts identified unusual spikes in compute usage and anomalous network activity as key indicators of compromise.
These threats frequently target enterprise systems where AI is integrated with broader infrastructure, opening paths for lateral movement and privilege escalation. Payloads vary by environment, using shell scripts for Linux or PowerShell commands on Windows to maintain persistence and evade detection.
