Age-based reputation scoring in mail filters became a critical vulnerability because attackers acquire legitimate, long-clean domains and repurpose them for phishing.
AI agents fail to recognize social engineering phishing because they do not separate data paths from control paths and do not verify identities, though they partially detect technical attacks.
AI agents like OpenClaw can detect technical attack vectors but fail to protect against social engineering attacks due to insufficient identity verification.
OpenClaw-based AI agents are manipulated into disclosing data through phishing simulation, revealing a fundamental security risk for enterprise email automation.
Attackers systematically exploit AI branding in social engineering campaigns to manipulate employees — the attack vector is shifting from technical to behavioral vulnerabilities.
Kaspersky data shows a doubling of ransomware incidents on Austrian ICS systems in Q4 2025, primarily distributed via phishing emails with malicious documents.
Cybercriminals are increasingly attacking AI-based protection mechanisms directly, while AI-powered website builders and OAuth-based consent phishing open new attack surfaces.
TA4922 expands from its focus on East Asia to Europe, deploying AI-powered malware and social engineering on messenger platforms to achieve financial gain.
Modern attackers increasingly operate at the browser level, where traditional endpoint and network security controls apply, but browser-specific controls are absent.
Chinese-linked cyber group TA4922 increasingly targets European and South African organizations with phishing attacks using continually evolved RAT malware families.
AI-powered phishing and malware campaigns enable massive scaling and evasion of conventional detection methods, overwhelming traditional security measures.