The State of AI Cyber Security 2025 (Check Point) 1️⃣ Jailbroken LLMs like WormGPT and DarkGPT are used to write phishing emails, generate malware, and create social engineering scripts—without any built-in safety filters. 2️⃣ Real-time audio deepfakes are now part of live phone scams, with tools that can mimic voices mid-call and switch languages on the fly. 3️⃣ Tools like the “Business Invoice Swapper” automatically scan inboxes, find invoices, and swap out payment details to redirect funds. 4️⃣ LLM accounts like ChatGPT Plus and OpenAI API keys are being stolen through credential stuffing and traded on forums, often using tools like Silver Bullet. 5️⃣ State-linked groups are using AI tools like Gemini for phishing, vulnerability research, content creation, and reconnaissance throughout their attack campaigns. 6️⃣ In enterprise environments, 1 in every 80 AI prompts is flagged as high-risk for data leaks, and 1 in 13 contains potentially sensitive info. 7️⃣ Criminals use models like DarkGPT to sift through stolen data, pulling out passwords, tokens, and other valuable credentials for targeted attacks. 8️⃣ Cybercriminals are selling AI tools at clear price points: GoMailPro (an AI spam tool) goes for $500/month; deepfake phone scam systems start at $20,000 or $1.50/minute; KYC bypass kits using fake AI-generated documents sell for $350–500; and deepfake videos used in scams range from a few hundred to a few thousand dollars depending on quality. engage.checkpoint.com/2025-a… #AIThreats #WormGPT #DarkGPT #HackerGPT #FraudGPT #BusinessInvoiceSwapper #ChatGPT #OpenAI #Gemini #SilverBullet #DarkWebSales #DeepfakeScams #AIVoiceClone #KYC #GoMailPro #LummaC2 #CyberFraud #BEC #InfostealerLogs #AIPhishing @CheckPointSW