Malware's AI time bomb
Hackers already have the AI tools needed to create the adaptable, destructive malware that security experts fear. But as long as their basic tactics — phishing, scams and ransomware — continue to work, they have little reason to use them.
Why it matters: Adversaries can flip that switch anytime, and companies need to prepare now.
Driving the news: The looming threat of autonomous cyberattacks was a top talking point at the inaugural HumanX conference in Las Vegas this week.
"You know that phrase, 'Keep your powder dry'? That's what attackers are doing right now," James White, chief technology officer at AI security startup CalypsoAI, told Axios, implying that bad actors are ready for battle.
The big picture: Cyber leaders have long feared generative AI would enable autonomous cyberattacks, making current security tools ineffective.
These attacks could involve AI agents carrying out hackers' bidding or malware that adapts in real time as it spreads.
Between the lines: A few years into the generative AI revolution, experts are split on how imminent these threats are.
Some say we're less than two years away from seeing agentic malware in nation-state cyber warfare.
Others argue hackers have little incentive to change tactics as they continue to profit from simple scams, phishing and ransomware.
Threat level: Even though AI-powered malware has yet to flood the zone, companies can't rest easy.
"The rate of acceleration is insane," Evan Reiser, CEO of email security company Abnormal Security, told Axios. "You don't have to be a total science fiction nerd, like me, to imagine where this can go in one year, two years."
AI will speed up attacks, leaving defenders with little time to react.
Meanwhile, most organizations are still behind on basic security measures, Reiser said, noting that the typical company is focused on setting up two-factor authentication. Abnormal Security works with about 20% of the Fortune 500.
Reality check: Startups selling AI security tools have an interest in hyping potential threats.
Mandiant says it has yet to respond to an attack involving truly autonomous AI or adaptable malware.
"I'm actually not worried about any of that right now," Charles Carmakal, CTO at Mandiant, told Axios.
Mandiant has mostly seen adversaries using AI for basic tasks like crafting phishing emails or researching targets.
The intrigue: Companies hiring cybersecurity vendors are beginning to understand that the best way to fight AI attacks is with AI security tools, said Itai Tevet, CEO of Intezer, a startup that offers an autonomous security operation center.
"It's dramatically different between 2023 and today," Tevet told Axios. "In the past, we needed to evangelize on why technology can do the same job. Today, all CISOs are getting asked by their board, 'How do you leverage AI?'"
Zoom in: AI agents can also help threat intelligence teams review the pile of notifications they receive about new vulnerabilities, phishing emails and other malicious activity, Steve Schmidt, chief security officer at Amazon, said in a fireside chat with Axios.
Amazon currently doesn't let agents make decisions or act on their own, but they can review the threat intelligence coming in to determine what needs to be prioritized.
"We've ended up significantly improving the lives of the security engineers, making them more efficient at what they have to do," Schmidt said.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Axios
35 minutes ago
- Axios
Republicans scramble to avoid a war with Elon Musk
House Republicans, dismayed by Elon Musk's harsh criticism of President Trump's "One Big, Beautiful Bill," are now trying to talk their erstwhile ally down from the ledge. Why it matters: With over $400 billion at his disposal, the Tesla and SpaceX owner could drown Republicans in opposition cash. And he's saying GOP lawmakers who voted for the bill should be "fired." House Speaker Mike Johnson (R-La.) said he called Musk on Tuesday but that the recently departed Trump lieutenant "didn't answer," adding that he hopes to "talk to him today." What we're hearing: Coming out of their closed-door conference meeting, House Republicans projected optimism they can get Musk back on side. "There's a sense that Elon is still learning about the full number of wins in the One Big, Beautiful Bill," another House Republican, speaking on the condition of anonymity to describe private conversations, told Axios. The lawmaker said House Republicans have "talked to him in the last 24 hours" and "have helped him understand the big picture." Another House Republican told Axios: "I think he'll recognize maybe more than most the challenge that we face when we're trying to cut spending. He simply wants more spending as I understanding. He should know how hard that is." State of play: Musk slammed the bill as a "disgusting abomination" on Tuesday, writing in a post on X, "Shame on those who voted for it: you know you did wrong. You know it." In another post, Musk responded to another user's criticism of the bill writing, "In November next year, we fire all politicians who betrayed the American people." All but five House Republicans voted for the reconciliation bill last month. Between the lines: Johnson said he had a "great conversation" with Musk on Monday morning, before his social media rampage, and that "it's curious to me what happened this week." The House speaker said Musk told him in that conversation that he would lend support to Republicans in the 2026 elections. Zoom in: There is also simmering anger behind the scenes, with Johnson telling colleagues in the conference meeting that Trump is "pissed off" at Musk, according to a source familiar with his comments. A third House Republican argued that the bill benefits "middle class families and taxpaying, working-class people" and that "maybe that upsets the billionaire class, I don't know." "I think he's flat wrong," Johnson said at his press conference. "I think he's way off on this and I've told him as much."
Yahoo
an hour ago
- Yahoo
Exclusive: Vivrelle raises $62 million to expand its service renting handbags from Prada and Chanel as part of a luxury ‘lifestyle'
– Ready to rent. Retail has never been the easiest business. Case in point: the recent 2025 Fortune 500, where only six apparel retailers make the cut among the largest 500 businesses in the U.S. But it's a field where innovation never stops, from the earliest entrants into clothing rental to newer upstarts—who believe they can make a difficult category work. The founders of Vivrelle just raised $62 million to prove that, Fortune is the first to report. Vivrelle offers a subscription service that allows customers to rent luxury accessories, mainly handbags and jewelry. Rather than the utility of an expanded wardrobe, it's selling the dream of luxury. Husband-and-wife founders Wayne and Blake Griffin wrote the original business plan on their honeymoon in the Maldives after Blake had the idea in the lead-up to their wedding. Vivrelle's Series C round was funded entirely by the venture firm Protagonist, which describes itself as a 'hands-on' firm that helps founders scale. Cofounder Wayne Geffen says the company is profitable and saw triple-digit growth in 2024. The startup has positioned itself as a lifestyle brand, setting up in hotspots like the Hamptons and Four Seasons hotels to attract customers looking to add some designer flair to their outfits (which can also be shopped through a partnership with fashion retailer Revolve). Its inventory includes bags from Chanel, Prada, and YSL—and some of this $62 million will go toward adding big-ticket items. At almost eight years old with about 100 employees, Vivrelle is part of the next generation of rental services—alongside an idea like Pickle, the peer-to-peer clothing rental service that capitalizes on trends while avoiding the headaches of inventory. Vivrelle offers four membership tiers ranging from $45 to $309 a month. It's hard to classify a membership as anything other than a budget 'extra,' but for women who would otherwise be buying luxury items or who feel pressure to have a constant rotation of outfits on social media, it can be a mentally classified as a cost-saver—or just an accessible luxury. 'It really is a fun, exciting service,' cofounder Wayne Geffen says. Like with most rental services, members have the option to eventually buy the items they rent. The luxury focus cuts down on marketing costs, Blake Geffen adds. 'We don't have to market the accessories we have,' she says. 'People know they want it.' Instead, Vivrelle is marketing a lifestyle—one whose trappings have become simultaneously more expected than ever, thanks to social media, while still out of reach economically for most people. 'It's having this lifestyle,' Blake Geffen says, 'that some people can only dream of.' Emma The Most Powerful Women Daily newsletter is Fortune's daily briefing for and about the women leading the business world. Today's edition was curated by Nina Ajemian. Subscribe here. This story was originally featured on
Yahoo
an hour ago
- Yahoo
Rails launches perps-only crypto exchange in the U.S. with $14 million in new funding to build a better FTX
A new type of crypto exchange called Rails is launching in the U.S. this week. Backed by $20 million in funding, including $14 million in new token warrants, Rails wants to stand out in a crowded field by offering U.S. traders a popular but hard-to-access type of asset: perpetual futures, or perps. Perpetual futures are a crypto-specific type of derivative and have been offered for years at offshore exchanges, but not in the U.S. until recently due to regulatory uncertainty. In an interview with Fortune, Rails cofounder and CEO Satraj Bambra said the new exchange decided to launch perps in the U.S. after consulting with lawyers and working with regulators overseeing the market. 'This is not random,' he said. 'No one would do this in the previous administration.' Not many crypto founders, or their investors, would evoke the image of the failed crypto empire FTX. Still, both Bambra and his chief backer, Slow Ventures' Sam Lessin, said their goal for Rails is to build a better version of Sam Bankman-Fried's collapsed exchange. Perps lie at the center of that vision. Most U.S. exchanges offer spot trading for popular cryptocurrencies, meaning users can buy and sell digital assets like Bitcoin and Ethereum at their current (spot) price. Many sophisticated traders, however, prefer a wider array of products that allow them to speculate on the future price of the asset, whether it rises or sinks. Such tools, called derivatives, allow traders to bet on price movement without holding the underlying asset. While derivatives are common in traditional finance, crypto's 24/7 nature gave rise to a new type of tool through perps, which operate like futures contracts but don't expire. 'We're a true trading platform,' said Bambra. 'You want to be able to play both sides of the market.' FTX rose in popularity in part because of its suite of trader-friendly tools, including perps, though it never launched the product in the U.S. 'Obviously, you need exchanges to be really high performance and good for traders, which FTX was in its day,' said Lessin. 'Save for the big issues.' One of the core issues with FTX was that the exchange held its users' assets rather than allowing them to self-custody—a problem that infamously blew up because Bankman-Fried used them to fund his own venture investments and luxury real estate. Bambra himself is a crypto trader, running the $100 million liquid fund for the top Canadian crypto venture firm Round13. He said that the operation had a 'significant' amount stuck on FTX, which it later recovered in the bankruptcy, though he declined to give a specific figure. Rails is deviating from the FTX model, which is also practiced by many centralized U.S. exchanges, by offering on-chain custody to its users, which Bambra argued allows for increased transparency. The matching engine for Rails, however, is centralized, which Bambra said will allow the company to offer the speed of competitors like Coinbase while offering the on-chain verifiability of decentralized exchanges like Uniswap. 'This is an idea that's extremely native to the builders,' said Lessin. 'They're solving their own problems.' Bambra cofounded the company with his wife Megha Bambra, who is the CTO of Rails; the former COO of Grindr, Rick Marini; and the lawyer Brent Vegliacich. Rails previously announced a $6.2 million funding round and its intention to launch offshores in March 2024, but the election of Donald Trump allowed the company to change its plans. The CFTC has evolved its guidance on perps, with outgoing commissioner Summer Mersinger saying in May that perps could receive regulatory approval in the U.S. 'very soon.' (Mersinger left her post to lead a crypto trade association.) The shift is part of a broader sea change under the Trump administration that has seen agencies loosen their approach to crypto regulation. Other exchanges are dipping their toes into launching perps in the U.S. In March, Coinbase announced it would start offering the product in May, though it is limited to a specific subset of users. Coinbase previously launched perps in overseas markets in mid-2023. Rails will represent the first major launch of the product in the U.S. that is available to both retail and institutional users. It is going live this week with trading for four top assets: Bitcoin, Ethereum, Solana, and XRP, with a plan to add more over the summer, according to Bambra. Rails is also planning to integrate its own native token into the platform—an approach taken by other exchanges like FTX and Binance, but not U.S.-based ones due to regulatory fears. Bambra said that Rails' token, which it plans to launch this fall, will differ from other exchange tokens like FTT and BNB because users won't be able to use it for collateral, but instead for other functions like volume discounts. The fresh $14 million in funding is through token warrants rather than traditional equity. Bambra added that the token will be listed on Kraken, which is backing Rails. Though the exchange will be available in other international markets, Rails' embrace of esoteric products for a U.S. customer base reflects the country's shifting approach—and appetites. 'Crypto traders are inherently a little bit more sophisticated because of the degenerative nature of the space,' said Bambra. This story was originally featured on Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
