A new and alarming threat has emerged in the cybersecurity landscape where attackers combine artificial intelligence with web-based attacks to transform innocent-looking webpages into dangerous phishing tools in real time.
Security researchers discovered that cybercriminals are now leveraging generative AI systems to create malicious code that loads dynamically after users visit seemingly safe websites.
This attack vector represents a significant evolution in web-based threats, making detection and prevention far more challenging for traditional security solutions.
The attack works by embedding specially crafted instructions inside a benign webpage.
When a user visits the site, the page secretly requests code from popular AI services like Google Gemini or DeepSeek through their public APIs.
.webp "Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds 2")
The attackers have engineered these requests with hidden prompts designed to trick the AI systems into generating malicious JavaScript code that bypasses their safety guardrails.
Once the AI generates this code, it gets executed directly in the victim’s browser, instantly transforming the clean webpage into a phishing page or credential-stealing tool.
Since the malicious code is assembled and executed only at runtime, it leaves no detectable static payload behind.
Palo Alto Networks analysts identified this emerging threat through extensive research and proof-of-concept testing.
.webp "Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds 4")
Their Unit 42 research team demonstrated how attackers could systematically exploit this technique to enhance their existing phishing campaigns while evading network-based security defenses.
The researchers noted that this method is particularly effective because the malicious code comes from trusted AI service domains, allowing it to bypass many network filtering systems that typically block suspicious traffic.
How This Attack Evades Detection Systems
The polymorphic nature of AI-generated code makes this attack exceptionally difficult to detect and block.
.webp "Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds 5")
Each time a user visits a compromised webpage, the AI generates a slightly different version of the malicious code with varied syntax and structure, even though the underlying functionality remains identical.
This constant variation means that security tools that rely on recognizing specific code signatures or patterns fail to identify the threat.
Additionally, since the malicious content travels through legitimate AI API domains, network monitoring tools cannot distinguish between normal AI requests and those containing hidden attack instructions.
.webp "Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds 6")
The runtime assembly and execution of the code directly inside the browser further complicates detection because the threat never exists as a static file on disk.
Palo Alto Networks recommends deploying runtime behavioral analysis solutions that can detect and block malicious activity at the moment of execution within the browser itself, rather than relying solely on network-level defenses.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
