News

AI agents were once theoretical, but now they are a tangible force reshaping the modern threat landscape. Also known as Computer-Using Agents (CUAs), these advanced AI bots can use applications and browse the internet to complete complex, often time-consuming tasks with minimal or no human oversight. Their rapid evolution is unlocking new efficiencies across a variety of sectors with automation and analysis, enabling more informed decision-making.

But this leap forward comes with a caveat. As they grow more capable, AI agents introduce a new class of cybersecurity threats. Malicious actors can hijack these tools to orchestrate sophisticated cyberattacks, exploiting predictable patterns of human behavior to infiltrate systems and exfiltrate sensitive data.

To move beyond theory and speculation, our team undertook a series of controlled experiments to assess how agentic AI could be weaponized. We found that these agents can automate a wide range of malicious tasks on behalf of threat actors when instructed correctly.

This includes, but is not limited to, credential stuffing and reconnaissance, which previously required significant human effort. To make matters worse, they can even perform outright cyberattacks by guessing passwords and sending out phishing emails en masse.

This marks a watershed moment in cybersecurity’s fight against AI-powered threats. The automation of attacks significantly lowers the barrier to entry for threat actors, enabling even low-skilled individuals to launch high-impact campaigns. This has the potential to rapidly escalate the scale at which phishing attacks can be carried out.

The largest AI players are redefining what agents can do. Platforms like OpenAI’s Operator, alongside various tools developed by Google, Anthropic and Meta, all have their own strengths and limitations, but share one critical feature. The ability to carry out real-world actions based on very simple text prompts.

This functionality is a double-edged sword. In the hands of responsible users, it can drive innovation and productivity. But in the wrong hands, it becomes a powerful weapon, one that can turn a novice attacker into a formidable threat.

The good news is that widespread abuse of these tools is not yet common. However, that window is closing fast. The simplicity and accessibility of agentic AI make it an ideal tool for amplifying social engineering attacks.

To illustrate the real-world implications, we investigated whether agentic AI could be utilized to automate the collection of information for targeted attacks. Using OpenAI’s Operator, which features a sandboxed browser and possesses uniquely autonomous behavior, we issued a simple prompt: identify new employees at a specific company.

Within minutes, the agent accessed LinkedIn, analyzed recent company posts and profile updates, and compiled a list of new joiners from the past 90 days. It extracted names, roles, and start dates, all the information needed to craft highly targeted phishing campaigns. And, it did this in the blink of an eye.

Some might be tempted to dismiss this as a simple information-gathering exercise. But this experiment displays that seemingly harmless human behaviors like posting job updates on social media can inadvertently expose organizations to significant cyber risk. What once took hours or days can now be accomplished in minutes, at scale.

Another alarming capability of agentic AI is its potential to facilitate identity-based attacks. Credential stuffing, a method where attackers use previously compromised username and password combinations to gain unauthorized access, is a prime example.

To test this attack vector, we instructed Operator to attempt access to login flows on several popular SaaS platforms, equipping it with a target email address and a publicly available list of breached passwords. Based on this limited information, it was able to get into one of the accounts. This underscores how agentic AI can be used to automate credential abuse, bypass traditional defenses and exploit a weak link in the security chain. Human error.

Our research confirms that agentic AI is already capable of executing a broad spectrum of malicious activities, from phishing and malware delivery to exposing vulnerabilities. While current capabilities are still in their early stages, the potential is there for automated attacks at scale in the not-so-distant future.

This calls for a fundamental shift in how organizations approach cybersecurity. Historically, the focus has been on protecting systems, not people. However, traditional methods like annual training and awareness campaigns only serve to place the burden on employees. This is an outdated approach, and it papers over the real root causes of human error.

Human-centric cyber risk needs to be proactive. And, it needs to be in real-time. This includes two main steps:

• User-focused controls: Implementing strong authentication, behavioral monitoring, and phishing-resistant technologies shifts the focus to identifying common risky behaviors
• Threat mapping: Visualizing and prioritizing human-centric risks in the same way software risks are tracked by the MITRE database, for example, can inform more targeted interventions tailored to specific risky user behaviors

By understanding the human behaviors that create openings for threat actors, businesses can deploy smarter, more effective defenses. This shift from reactive to proactive security is well established for software defense, so there is no good reason human risk should be treated any differently.

Agentic AI is not just a technological advancement, it is a vehicle for cyberattacks at scale. As these tools become more powerful and accessible, the cybersecurity community must shift its mindset. The future of cyber defense lies not just in securing systems, but in understanding and protecting the people who use them.

The clock is ticking, and the attackers are already adapting. So should you.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Dropbox is dropping Passwords from its product portfolio
• The app and browser extension will be discontinued soon
• Users will still be able to access their data until October 28, 2025

For users of Dropbox Passwords, it's time to take a look at the best password managers and find a new service to use, after the cloud storage company revealed it will soon discontinue the service.

The end of service for Dropbox Passwords will be October 28, 2025, giving users ample time to find a new credential manager to suit their needs.

In the announcement, Dropbox said it was discontinuing the tool, “as part of our efforts to focus on enhancing other features in our core product.”

Dropbox Passwords users will still have ample time to access their saved usernames, passwords, and stored credit card information for export until October 28, but there will be some key changes before then.

On August 28, 2025 the password manager will become view-only on both mobile devices and on through the browser extension. You won’t be able to add any more credentials nor use the autofill feature from this date.

On September 11, the mobile app will be depreciated and will no longer be available for use. Your data will remain available through the browser extension.

The fateful date of October 28 will see all Dropbox Password data securely deleted and the dark web monitoring feature will cease to function.

In its blog post, Dropbox has provided some key information on how to export your data from both the app and browser extension. Mobile app users can follow these instructions to export their data:

1. Open the Dropbox Passwords mobile app.
2. Tap (settings).
3. Tap Export.
4. Tap Export to confirm.

To export data from the browser extension, do the following:

1. Open the Dropbox Passwords browser extension.
2. Click your avatar (profile picture or initials) in the bottom-left corner.
3. Click Preferences.
4. Click the Account tab.
5. Click Export.
6. Click Export to confirm.

• These are the best parental control apps
• We've rounded up all the best secure email providers
• PayPal will now let you pay in Bitcoin and other cryptocurrencies - but with one crucial condition