2025 Cato CTRL™ Threat Report: The Rise of the Zero-Knowledge Threat Actor

What’s inside the report:

• Cato CTRL develops new LLM jailbreak technique called “Immersive World”: Bypassed security controls in DeepSeek, Microsoft Copilot, and OpenAI’s ChatGPT, convincing them to write malware for Google Chrome.
• GenAI security controls fail: All three GenAI tools tricked into normalizing restricted operations with narrative engineering.
• The rise of the zero-knowledge threat actor: No malware coding expertise needed to create a fully functional Chrome infostealer.
• Traditional security strategies aren’t enough: The democratization of cybercrime demands proactive AI security strategies.
• AI hype increases AI adoption—and risk: Trends in AI application adoption, the industries using them, and a summary of security risks for top AI applications.

Summary:

A threat intelligence researcher from Cato CTRL, the Cato Networks threat intelligence team, successfully bypassed security controls in ChatGPT, Copilot, and DeepSeek—the GenAI models that enterprises are using to improve workflow efficiency.

By developing a new LLM jailbreak technique, all three tools were tricked into creating malware that steals login credentials from Chrome. The researcher had no prior malware coding expertise—just a cleverly crafted narrative that fooled every security guardrail.

Cybercrime isn’t limited to skilled threat actors anymore. With basic tools, anyone can launch an attack. For CIOs, CISOs, and IT leaders, this means more threats, greater risks, and the need for stronger AI security strategies.