A recent report from HP Inc. highlights a significant rise in cybercriminals using artificial intelligence to enhance malware campaigns, focusing on efficiency over sophistication. The Threat Insights Report indicates that attackers are prioritizing speed and cost, enabling them to scale their operations while bypassing security measures.
Notably, a technique called “vibe-hacking” has emerged, where attackers produce pre-made infection scripts to facilitate malware delivery. For example, one campaign involved victims receiving fraudulent invoice PDFs that initiated silent downloads of malware while redirecting them to legitimate sites like Booking.com. Additionally, the report reveals the use of “flat-pack malware,” which consists of modular components available on hacker forums, allowing quick assembly of various campaigns.
Data collected from millions of endpoints protected by HP Wolf Security between October and December 2025 shows that 14 percent of email threats bypassed email gateway scanners. The most common delivery method was executable files at 37 percent, followed by zip files and Word documents. Further analysis revealed that attackers exploited counterfeit downloads of Microsoft Teams, leading victims to malicious sites through misleading advertisements or search engine manipulation.