A new malicious AI tool, Xanthorox AI, has emerged on underground hacker forums.
Dubbed the “Killer of WormGPT and all EvilGPT variants,” Xanthorox AI is poised to outpace previous AI-powered cyber tools in its versatility, stealth, and offensive capabilities, making it a significant threat in the realm of cybercrime.
First detected in Q1 of 2025, Xanthorox AI has been circulating in darknet communities, where it is being marketed as a cutting-edge AI platform designed for offensive cyber operations.
Unlike its predecessors that relied on tweaks or jailbreaks of existing mainstream models like OpenAI’s GPT or Meta’s LLaMA, Xanthorox AI is reportedly a bespoke system developed from the ground up.
The developers claim that Xanthorox AI operates as a self-contained, multi-model architecture hosted entirely on private servers, ensuring complete autonomy and minimal traceability.
By eschewing public cloud infrastructure and external APIs, Xanthorox AI leverages local servers to maintain operational secrecy and avoid detection.
Its modular design also allows for upgrades or replacements of specific components, ensuring the tool remains relevant even as cybersecurity defenses evolve.
Key features described by the sellers include:
Xanthorox AI is being marketed as an “all-in-one” hacking tool, boasting modules tailored to various cybercriminal tasks. Below is an overview of its primary components:
According to the SlashNext report, Xanthorox AI represents a dangerous escalation in the use of AI for cybercrime. By combining modular customization, offline functionality, and a wide array of capabilities, it underscores the growing sophistication of malicious AI tools.
For cybersecurity professionals, the emergence of Xanthorox AI highlights the urgent need to develop countermeasures capable of identifying and neutralizing such advanced systems.
As hackers gain access to increasingly autonomous and intelligent tools, the stakes for businesses, governments, and individuals rise exponentially.
Xanthorox AI is a stark reminder of the dual-edged nature of AI technology—and the critical importance of staying ahead in the cybersecurity arms race.