A new cybercrime platform called ATHR enables fully automated voice phishing attacks using AI voice agents and human operators to harvest user credentials.
ATHR represents a significant evolution in vishing attacks, combining artificial intelligence with social engineering to target victims at scale. The platform deploys AI voice agents capable of conducting credential-harvesting calls without direct human intervention, though operators can engage when needed.
The system automates the initial reconnaissance and social engineering phase of attacks, reducing the manual effort traditionally required for voice phishing campaigns. This shift toward automation increases the potential attack surface, as threat actors can target more victims simultaneously.
The emergence of ATHR highlights growing concerns about AI-powered cybercrime tools. As voice synthesis technology improves, distinguishing between legitimate and malicious calls becomes increasingly difficult. Organizations face pressure to update security protocols and employee training to address voice-based threats alongside traditional phishing vectors.
The platform's hybrid approach—combining AI efficiency with human expertise—demonstrates how criminals adapt to leverage emerging technologies for larger-scale operations.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.