thehackernews.com 5/4/2026, 12:11:22 PM · via preferred

AI Boosted Cybercrime Surges as Malicious npm Packages Top 450k


The Hacker News argues that 2025 into 2026 marks a turning point for AI-assisted cyber attacks, with LLM-backed tools moving from helpful aids to end-to-end capabilities that accelerate wrongdoing. The piece notes that measures of cybercrime frequency and severity roughly doubled across 2025, while the use of agentic coding and AI-generated malware has lowered the barriers to entry for non-technical offenders and single actors.

It cites a rise in malicious npm packages, totaling 454,600 by 2025, up from 55,000 in 2022, and highlights a September 2025 incident in which the Shai-Hulud supply chain attack compromised over 500 npm packages, with 487 organisations having secrets exposed and $8.5 million stolen from Trust Wallet. The article also points to dramatic reductions in exploit windows, with time to exploit collapsing to 44 days in 2025 and 28.3% of CVEs exploited within 24 hours of disclosure, according to Mandiant's M-Trends 2026 findings.

It recounts a December 2025 case in which a 17-year-old exfiltrated 7 million records to buy Pokémon cards, underscoring the rise of non-technical actors empowered by AI. It also suggests Chainguard Libraries can render entire attack categories structurally impossible, citing Chainguard's claims of 99.7% and 98% blocking rates in tested malware instances. According to Chainguard, this approach may help organisations refocus on critical risk areas as AI-driven threats proliferate.


Article by CyberSIXT