#EDR evasion

AI-Built Ransomware Toolkit Turns EDR Evasion Into a Faster Cybercrime Workflow

A ransomware-focused threat actor adopted an AI-built toolkit for Active Directory discovery and endpoint detection and response evasion. Sophos found Cursor and Claude Opus agents assisted development, with close to 80 modules tested against more than 70 techniques. The practical test is whether defenders can shorten validation cycles as AI accelerates the move from offensive research to working malware components.