Menace actors try to leverage a newly launched synthetic intelligence (AI) offensive safety instrument known as HexStrike AI to take advantage of just lately disclosed safety flaws.
HexStrike AI, in response to its web site, is pitched as an AI‑pushed safety platform to automate reconnaissance and vulnerability discovery with an goal to speed up licensed pink teaming operations, bug bounty searching, and seize the flag (CTF) challenges.
Per info shared on its GitHub repository, the open-source platform integrates with over 150 safety instruments to facilitate community reconnaissance, net utility safety testing, reverse engineering, and cloud safety. It additionally helps dozens of specialised AI brokers which are fine-tuned for vulnerability intelligence, exploit growth, assault chain discovery, and error dealing with.
However in response to a report from Verify Level, menace actors try their fingers on the instrument to achieve an adversarial benefit, trying to weaponize the instrument to take advantage of just lately disclosed safety vulnerabilities.
“This marks a pivotal second: a instrument designed to strengthen defenses has been claimed to be quickly repurposed into an engine for exploitation, crystallizing earlier ideas right into a broadly obtainable platform driving real-world assaults,” the cybersecurity firm stated.
Discussions on darknet cybercrime boards present that menace actors declare to have efficiently exploited the three safety flaws that Citrix disclosed final week utilizing HexStrike AI, and, in some instances, even flag seemingly susceptible NetScaler cases which are then provided to different criminals on the market.
Verify Level stated the malicious use of such instruments has main implications for cybersecurity, not solely shrinking the window between public disclosure and mass exploitation, but additionally serving to parallelize the automation of exploitation efforts.
What’s extra, it cuts down the human effort and permits for routinely retrying failed exploitation makes an attempt till they develop into profitable, which the cybersecurity firm stated will increase the “general exploitation yield.”
“The quick precedence is evident: patch and harden affected programs,” it added. “Hexstrike AI represents a broader paradigm shift, the place AI orchestration will more and more be used to weaponize vulnerabilities shortly and at scale.”
The disclosure comes as two researchers from Alias Robotics and Oracle Company stated in a newly printed examine that AI-powered cybersecurity brokers like PentestGPT carry heightened immediate injection dangers, successfully turning safety instruments into cyber weapons through hidden directions.
“The hunter turns into the hunted, the safety instrument turns into an assault vector, and what began as a penetration check ends with the attacker gaining shell entry to the tester’s infrastructure,” researchers Víctor Mayoral-Vilches and Per Mannermaa Rynning stated.
“Present LLM-based safety brokers are basically unsafe for deployment in adversarial environments with out complete defensive measures.”
