A threat actor has been observed using AI coding tools to build malware designed to evade endpoint detection and response (EDR) systems. Sophos X-Ops uncovered the activity after detecting abnormal behaviour on a customer's system. The development was AI-assisted rather than AI-driven: humans reviewed and verified each step, while the AI tools shortened the build-and-test cycles. The malware was built for stealthy post-exploitation tasks, and the work was framed as a red team project so that it would pass security checks.
Despite these advances in AI-assisted tooling, Sophos stresses that the fundamentals still hold: apply patches promptly, enforce multi-factor authentication, and deploy EDR broadly across the estate.