Rakuten Mobile: 2026: The Year of AI-Assisted Attacks

AI-Powered Cyberattacks Surge in 2025: A New Era of Low-Skill, High-Impact Threats

In December 2025, a 17-year-old in Osaka, Japan, was arrested under the Unauthorized Access Prohibition Act after using malicious code to steal the personal data of over 7 million users from Kaikatsu Club, the country’s largest internet café chain. His motive? Funding a purchase of Pokémon cards. While the incident echoes past cybercrimes driven by notoriety or profit, this case stands out for one key reason: the attacker had no technical background.

The breach reflects a broader shift in 2025, where AI-powered tools have dramatically lowered the barrier to entry for cyberattacks. Advanced large language models (LLMs) and agentic coding platforms such as ChatGPT and Claude Code have evolved from error-prone assistants into end-to-end attack enablers. The result: a surge in sophisticated attacks carried out by individuals with little to no prior expertise.

The Rise of AI-Assisted Cybercrime

Throughout 2025, cybercrime metrics spiked across the board. Malicious packages in public repositories skyrocketed from 55,000 in 2022 to 454,600 by the end of 2025, with sharp increases following the release of GPT-4 in 2023 and the rise of agentic coding in 2025. Cloud intrusions rose by 35%, while AI-generated phishing campaigns began outperforming human-led red teams.

The most alarming trend is the collapse of the exploit window. In 2020, attackers took over 700 days to weaponize a known vulnerability; by 2025, that time had shrunk to just 44 days. Mandiant’s M-Trends 2026 report found that 28.3% of vulnerabilities were exploited within 24 hours of disclosure, often before patches were available.

Non-technical actors have become a major threat. In February 2025, three teenagers (ages 14–16) used ChatGPT to build a tool that launched 220,000 attacks on Rakuten Mobile, funding gaming consoles and online gambling. In July, a single attacker leveraged Claude Code to extort 17 organizations in a month, using AI to generate malicious code, organize stolen data, and draft extortion emails. By December, another individual breached 10 Mexican government agencies, stealing 195 million taxpayer records, all without deep technical knowledge.

Defenders Struggle to Keep Pace

While AI accelerates both offense and defense, the data suggests attackers are pulling ahead. The average time to remediate a critical vulnerability now stands at 74 days, with 45% of vulnerabilities in large organizations going unpatched entirely. Meanwhile, AI-generated malware is slipping past traditional detection tools by mimicking legitimate code, complete with documentation, unit tests, and realistic telemetry modules.

The Shai-Hulud attack in September 2025 exemplified the new threat landscape. Targeting the npm ecosystem, it compromised 500 packages, exposed secrets from 487 organizations, and led to an $8.5 million theft from Trust Wallet after attackers poisoned its Chrome extension. The incident prompted widespread code freezes as organizations scrambled to assess their exposure.

A Shift in Defense Strategy

With exploit windows shrinking and AI lowering the skill floor for attackers, traditional patching and detection methods are proving insufficient. The solution, some argue, lies in eliminating entire categories of vulnerabilities at the source. Chainguard’s Libraries project, for example, rebuilds open-source software from verified, attributable source code, blocking 99.7% of malicious npm packages and 98% of Python threats in testing by structurally preventing attacks like dependency confusion, CI/CD takeovers, and token theft.

The numbers tell the story: 454,600 malicious packages in 2025. 394,877 in a single quarter. An amateur in Algeria deployed ransomware that hit 85 targets in his first month. A teenager in Japan exfiltrated 7 million records to buy trading cards. As AI tools become cheaper and more accessible, the gap between intent and capability continues to narrow, ushering in an era where even novices can launch devastating attacks.

Source: https://thehackernews.com/2026/05/2026-year-of-ai-assisted-attacks.html

Rakuten Mobile TPRM report: https://www.rankiteo.com/company/rakuten

"id": "rak1777977150",
"linkid": "rakuten",
"type": "Cyber Attack",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '7 million',
                        'industry': 'Hospitality/Retail',
                        'location': 'Japan',
                        'name': 'Kaikatsu Club',
                        'size': 'Large (country’s largest)',
                        'type': 'Internet café chain'}],
 'attack_vector': 'AI-generated malicious code',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '7 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (personally identifiable '
                                        'information)',
                 'type_of_data_compromised': 'Personal data'},
 'date_detected': '2025-12',
 'description': 'A 17-year-old in Osaka, Japan, used malicious code to steal '
                'the personal data of over 7 million users from Kaikatsu Club, '
                'Japan’s largest internet café chain, to fund a purchase of '
                'Pokémon cards. The attack reflects a broader trend in 2025 '
                'where AI-powered tools have lowered the barrier to entry for '
                'cyberattacks, enabling individuals with little to no '
                'technical background to execute sophisticated breaches.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': 'Personal data of over 7 million users',
            'identity_theft_risk': 'High',
            'systems_affected': 'Kaikatsu Club’s database'},
 'investigation_status': 'Completed (attacker arrested)',
 'lessons_learned': 'AI-powered tools have dramatically lowered the barrier to '
                    'entry for cyberattacks, enabling non-technical '
                    'individuals to execute sophisticated breaches. '
                    'Traditional patching and detection methods are '
                    'insufficient against AI-generated malware and shrinking '
                    'exploit windows.',
 'motivation': 'Financial gain (funding Pokémon card purchase)',
 'post_incident_analysis': {'corrective_actions': 'Adoption of verified, '
                                                  'attributable source code '
                                                  '(e.g., Chainguard’s '
                                                  'Libraries) to prevent '
                                                  'dependency confusion and '
                                                  'token theft. Enhanced '
                                                  'monitoring for AI-generated '
                                                  'malware.',
                            'root_causes': 'AI-powered tools (e.g., ChatGPT, '
                                           'Claude Code) enabling '
                                           'non-technical attackers to '
                                           'generate malicious code and '
                                           'execute breaches. Lack of '
                                           'structural defenses against '
                                           'AI-assisted attacks.'},
 'recommendations': 'Eliminate entire categories of vulnerabilities at the '
                    'source (e.g., Chainguard’s Libraries project). Improve '
                    'vulnerability remediation timelines and adopt structural '
                    'defenses against AI-assisted attacks.',
 'references': [{'source': 'Mandiant’s M-Trends 2026 report'}],
 'regulatory_compliance': {'legal_actions': 'Arrest of the attacker',
                           'regulations_violated': 'Unauthorized Access '
                                                   'Prohibition Act (Japan)'},
 'response': {'law_enforcement_notified': 'Yes (arrest under Unauthorized '
                                          'Access Prohibition Act)'},
 'threat_actor': '17-year-old individual (non-technical background)',
 'title': 'AI-Powered Cyberattack on Kaikatsu Club by Teenager in Japan',
 'type': 'Data Breach'}