Bad Actors Have Smart Software and Use It… a Lot

March 26, 2026

Another dinobaby post. No AI unless it is an image. This dinobaby is not Grandma Moses, just Grandpa Arnold.

Hacking requires a certain tech know-how that goes beyond normal technology troubleshooting…or at least it used to. Futurism shares that hackers aren’t just the smart kids anymore: “AI Tools Are Supercharging Hackers.” AI can be transformed into the ultimate hacker’s Swiss army knife. A hacker used a jailbreak version of Anthropic’s Claude to find security vulnerabilities in Mexican government networks. The bad actor got away with 150 GB of sensitive data that contained 195 million Mexican taxpayers.

Amazon’s security research team reported:

“Last month, Amazon’s security research team revealed that hackers — or perhaps just one — had broken into more than 600 firewall systems across dozens of countries while armed with commercially available AI tools, overpowering weak security measures, and extracting credential databases, and possibly setting the stage for future ransomware deployment. ‘It’s like an AI-powered assembly line for cybercrime, helping less skilled workers produce at scale,’ said Amazon security engineering and operations lead CJ Moses in a statement."

IBM released a report that discovered a 44% year-over-year increase in public software and systems applications exploitation and a 50% rise in ransomware groups. Bad actors aren’t reinventing the hacking wheel, instead they’re advancing and adapting their tricks with AI.

Several thoughts and questions cross my mind:

Is there an end game for this weaponized use of smart software? Right now, the answer seems to be, “Are you kidding me?”
Smart software creates applications that may be more vulnerable than software created by humans the old-fashioned way. If humans are not in the loop, the escalation is baked into this “smart” and “efficient” approach to developing applications.
Do bad actors get the upper hand when human coding errors and smart software’s mistakes combine in distributed applications?

Pondering these three points gives me pause.

Whitney Grace, March 26, 2026

Written by Stephen E. Arnold · Filed Under cybercrime, Hackers, News, Security

Comments

Got something to say?

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.