CrowdStrike Report Highlights Surge in Cyberattacks Fueled by Generative AI Technology

CrowdStrike has released its 2025 Threat Hunting Report, revealing how adversaries are leveraging Generative AI (GenAI) to enhance and scale cyberattacks, particularly against autonomous AI systems within enterprises. The report draws on intelligence from CrowdStrike’s team of threat hunters and analysts, surveying attacks from over 265 known adversary groups. Findings indicate that attack vectors are evolving with increased automation and AI utilisation, alongside a growing focus on targeting AI-driven systems themselves. GenAI-built malware is now operational, with lower-tier cybercriminals and hacktivist groups employing AI to generate scripts, troubleshoot technical issues, and develop new forms of malware. Early examples, such as Funklocker and SparkCat, illustrate how the barrier to entry for sophisticated cybercrime has been significantly lowered.

The report highlights a notable increase in attacks on cloud infrastructure, particularly driven by China-linked adversaries, who accounted for 40% of a 136% rise in such incidents during the first half of 2025. Threat actors like GENESIS PANDA and MURKY PANDA exploited cloud misconfigurations and access privileges to execute their attacks, while GLACIAL PANDA focused on embedding itself within telecommunications networks, resulting in a 130% year-over-year surge in nation-state activity in that sector. Beyond technical exploits, AI is also being harnessed to automate social engineering campaigns. The North Korea-linked group FAMOUS CHOLLIMA utilised GenAI to create fraudulent résumés, generate deepfake videos for interviews, and complete technical assignments under assumed identities, infiltrating over 320 companies worldwide, which represents a 220% year-over-year increase.