Kela AI Threat Report 2025

Keypoints

• The annual cybersecurity reports by major vendors typically follow a structured format, including an executive summary, detailed threat analyses, trending attack techniques, case studies, and recommended defense strategies, providing a comprehensive overview of current cyber risks.
• Recent reports reveal a 51% increase in discussions about jailbreak methods for AI systems from 2023 to 2024, with more threat actors sharing new jailbreaking techniques on underground forums, indicating escalating risks associated with bypassing AI safeguards.
• Mentions of malicious AI tools, such as WormGPT and DarkGPT, soared by approximately 219% in 2024 compared to the previous year, illustrating the proliferation of dark AI-enabled cybercrime tools that automate phishing, malware creation, and fraud operations.
• Key attack vectors increasingly involve AI-enhanced phishing campaigns using deepfake audio and images, vulnerability scanning via automated AI tools, AI-driven malware development, and automation of large-scale cyberattacks like DDoS and credential stuffing, making attacks more effective and scalable.
• Emerging trends also include state-sponsored cyber operations leveraging AI for reconnaissance, exploitation, and disinformation campaigns, highlighting the broad threat landscape where both criminal groups and nation-states exploit these technologies.
• To counter AI threats, organizations are advised to invest in AI-based detection and response systems, conduct adversary emulation testing, and educate employees about evolving AI risks, fostering a proactive cybersecurity posture in the rising AI threat environment.