Global warning: AI-powered cyberattacks surge, threatening supply chains and enterprise infrastructure
- Hung Pham

- 2 days ago
- 4 min read
The surge in AI-powered cyberattacks is drastically reducing the time to exploit security vulnerabilities from days to mere minutes.
This article provides an in-depth analysis of the threats from the InfernoGrabber v9.0 ransomware, the exploitation of RCE vulnerabilities on Microsoft SharePoint, and the risks originating from the AI supply chain, helping enterprises establish a comprehensive defense strategy.
Why are AI-powered cyberattacks completely changing the speed of enterprise response?
AI-powered cyberattacks allow hackers to automate the discovery and chaining of multiple application vulnerabilities into a fully formed exploit in just a few minutes. Instead of having days to investigate and respond, security teams now face immense time pressure as the window between vulnerability discovery and actual exploitation has virtually collapsed.
Specifically, attackers are using AI to scale and enhance the realism of social engineering campaigns. A recent analysis showed that 82.6% of phishing emails exhibited some use of AI. Cybercriminals also abuse synthetic voice and deepfake video technologies to impersonate senior executives, easily deceiving employees and bypassing internal verification mechanisms.

To counter this increase in speed and scale, organizations cannot rely solely on human effort. Security Operations Centers (SOCs) are being forced to integrate Agentic AI to analyze massive volumes of data, shorten investigation times, and respond automatically before systems are compromised.
Which dangerous ransomware strains and vulnerabilities are being fiercely exploited?
Cybercriminals are aggressively applying AI to craft stealthy ransomware on browsers, while abusing zero-day and RCE vulnerabilities to infiltrate core infrastructure. These weaknesses allow them to bypass authentication, drop malware, and control devices remotely without any user interaction.
Security researchers recently discovered "InfernoGrabber v9.0" - a malware strain created with the assistance of the DeepSeek AI model. It disguises itself as an image enhancement tool on Discord to trick users into granting File System Access API permissions, thereby automatically encrypting files directly within the browser without installing any software.
In addition, ransomware gangs (like Anubis) are actively exploiting the Citrix Bleed 2 vulnerability (CVE-2025-5777) on NetScaler ADC to gain initial access. The US CISA also issued an urgent alert regarding a remote code execution (RCE) vulnerability on Microsoft SharePoint (CVE-2026-45659) being actively exploited in the wild, which saw about 17,000 different attacks in just 48 hours. Concurrently, the ToddyCat APT group has developed the Umbrij malware to steal OAuth tokens, allowing them to secretly read Gmail via the Google API without needing the victim's password. Furthermore, the NetNut botnet network, which leveraged over 2 million home electronic devices as anonymous proxies, was recently dismantled by Google.
How do AI supply chain security risks impact core infrastructure systems?
The passive integration of AI features through cloud platforms, Software-as-a-Service (SaaS), and third-party vendors has created a highly risky dependency chain. If a single link in this supply chain (such as an API or a model provider) is compromised, malicious actors can poison the entire workflow and manipulate the organization's operational decisions.
One of the biggest risks stems from "Shadow AI" - a situation where employees use unvetted AI tools on their own without security oversight. This lack of control can lead to the leakage of source code, sensitive data, and customer information. Reports indicate that traditional contract review processes often overlook how vendors handle AI data or what happens when a model is abruptly changed. Therefore, corporate boards must incorporate AI governance into their overall supply chain risk assessment frameworks, establish clear ownership, and continuously monitor any third party with access to system data.
IPSIP expert perspective
Faced with the wave of AI-powered cyberattacks and the rise of next-generation ransomware, traditional defense architectures are gradually losing their effectiveness. Below are strategic actions to protect enterprises:
1. Urgent in-house enterprise solutions
To combat sophisticated phishing tactics, enterprises need to establish multi-layered out-of-band verification procedures for any account change, password reset, or fund transfer requests. Personnel must never grant File System access to any suspicious websites or browser extensions. Simultaneously, IT administrators must immediately review and apply patches to critical targeted systems like Microsoft SharePoint and Citrix platforms.
2. Comprehensive defense solutions from IPSIP Vietnam
Relying on manual patching alone is insufficient to outpace the machine-speed exploitation of hackers. Organizations should proactively utilize IPSIP's Vulnerability Assessment service to comprehensively scan their systems, detecting software flaws and supply chain vulnerabilities early before they can be exploited.

To intercept token-stealing phishing campaigns (like the Umbrij malware), the Anti-Phishing & Email Security solution acts as an intelligent filter, automatically neutralizing malicious links before they reach employees. Finally, to achieve "machine-speed" defense capabilities, integrating a 24/7 Security Operations Center (SOC) is a vital key. The SOC system continuously monitors behavioral networks, instantaneously detecting and isolating stealthy AI threats, ensuring the enterprise's core data remains absolutely safe.
The explosion of AI-powered cyberattacks is erasing the gap between detection and exploitation. To avoid becoming the next victim of ransomware or supply chain breaches, enterprises must abandon passive defense mindsets. Upgrading internal verification processes, combined with professional cybersecurity monitoring and response systems, is the most solid steel shield in the era of digital risks.












Comments