Underground AI services emerge with jailbroken APIs and MCP servers

Threat Actor Meta
First reported
Last updated
Happening score
H score 9
1 unique sources, 1 articles

Summary

Underground AI services are emerging on marketplaces with a business model that conceals their reliance on jailbroken commercial APIs and open-source MCP servers, expanding access to malware, ransomware and phishing generation. The shift matters because it lowers the barrier to entry for illicit automation and lets operators package third-party AI access as a private or independent service. One example is Xanthorox, which advertised a bespoke self-hosted AI while relying on commercial AI products, including Gemini. That ecosystem makes abusive AI harder to attribute and easier to resell.

Related Happenings

Google GTIG analysis of adversary AI use for exploit development and attack orchestration

Technical Analysis
First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...

Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign

Campaign
First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...

Widespread exposure and misconfiguration in self-hosted AI infrastructure

Target Trend
First: 05.05.2026 13:30 Last: 05.05.2026 13:30 Sources 1

About this happening: A large-scale measurement found **self-hosted AI infrastructure** was being deployed with **widespread exposure and no authentication**, creating a broad risk of data theft, workf...

OpenAI launches GPT‑5.4‑Cyber and expands TAC access for cyber defense

Security Tool/Service
First: 15.04.2026 19:00 Last: 15.04.2026 19:00 Sources 1

About this happening: OpenAI launched **GPT‑5.4‑Cyber** and expanded **Trusted Access for Cyber (TAC)**, giving vetted defenders broader access to a **cyber-permissive** model for **defensive workflows...

OpenAI integrates Promptfoo agent security testing into Frontier

Security Tool/Service
First: 10.03.2026 19:15 Last: 10.03.2026 19:15 Sources 1

About this happening: **OpenAI** is adding **Promptfoo**-style agent security testing into **Frontier**, turning automated red-teaming and risk checks into built-in capabilities for enterprise AI agent...

Timeline

  1. 12.02.2026 14:45 2 articles · 3mo ago

    Underground AI services hide upstream model access

    Technical Analysis Update

    Malicious AI services emerged on underground marketplaces that claimed to be independent models while relying on jailbroken commercial APIs and open-source Model Context Protocol (MCP) servers. The ecosystem was used to generate malware, ransomware, and phishing content, and Xanthorox advertised a "bespoke, privacy preserving self-hosted AI" while actually being powered by third-party and commercial AI products, including Gemini.
