AI Tools Are Arming Hackers Too: Flashpoint Reports 1,500% Surge in Illicit AI Use

The same AI capabilities accelerating business operations are also expanding the offensive toolkit available to cybercriminals. Threat intelligence firm Flashpoint has released findings showing a staggering 1,500% surge in illicit AI-related discussions in criminal forums between November and December 2025—a signal that threat actors are rapidly integrating AI into their attack workflows.

According to Flashpoint, AI is lowering the barrier to entry for certain types of attacks—particularly vulnerability discovery and analysis. This means hackers who previously lacked the technical sophistication to identify exploitable flaws can now use AI to do it at scale and speed.

One of the most alarming findings: the window between a vulnerability being discovered and it being actively exploited in the wild has already shrunk to as little as 24 hours in some cases. AI is expected to compress that window even further.

Flashpoint also warned that legacy codebases face renewed risk: AI systems can analyze historical code at scale, resurfacing older vulnerabilities that were previously deprioritized or assumed low risk.

Key Takeaways

• Flashpoint recorded a 1,500% surge in illicit AI-related discussions between November and December 2025, signaling rapid criminal AI adoption
• AI is shortening the time between vulnerability discovery and exploitation—in some cases to under 24 hours
• Legacy systems are newly exposed: AI can analyze old codebases at scale, reactivating dormant vulnerabilities
• Organizations need to accelerate vulnerability prioritization and patch velocity to match the pace of AI-assisted attacks

As Flashpoint's Ian Gray noted: "The window between discovery and potential exploitation continues to narrow." Defenders need to treat AI-assisted threats as a fundamentally new threat category—not just a faster version of what came before.

Read the full article on SecurityBrief New Zealand