5 AI Attack Patterns Youย Canโt Ignore
Whatโsย inside the report
- The top five discoveries from Cato CTRL in 2025: Significant findings in the AI threat landscape that signal a new era of cybercrime.ย
- OpenAIโs ChatGPT image generator enables creation of fake passports
- Uncensored WormGPT variants powered by Grok and Mixtral
- PoC attack targeting Atlassianโs Model Context Protocol (MCP) introduces new โliving off AIโ risk
- HashJack, a novel indirect prompt injection technique targeting AI browser assistants
- Weaponization of Claude Skills with MedusaLocker to boost ransomware operations
- Top five AI applications used in 2025: Copilot, OpenAI, Gemini, Grammarly, and Perplexity all saw adoption rise from Q1 to Q4 2025.
- AI adoption consistent across industries: 20 out of 25 verticals shows adoption rates of 90% or higher by Q4 2025.
Summary:
In 2025, Cato CTRL uncovered a decisive shift in the AI threat landscape. Threat actors are no longer just exploiting AI systems. Theyโre exploiting AI trust, workflows, and capabilities themselves.
Across five major discoveries, Cato CTRL demonstrated how AI tools can be manipulated indirectly, embedded into enterprise processes, repurposed for offensive use, and abused to scale fraud and ransomware.
Together, these findings show that AI has become a new attack surface that challenges security assumptions and demands AI-aware defense strategies.
