Disrupting malicious uses of AI: June 2025

Source: OpenAI Date: 2025-06-05 URL: https://openai.com/global-affairs/disrupting-malicious-uses-of-ai-june-2025

Summary

Summary

OpenAI’s June 2025 edition of its disruption report covered new threat actor campaigns identified and disrupted since the February 2025 report — including state-linked influence operations, cybercriminal use of OpenAI tools, and attempts to use AI for generating disinformation at scale. The report maintained the quarterly cadence of public threat intelligence disclosure that OpenAI established in early 2025.

Implications

Policy/security thread. The quarterly disruption report cadence signals institutionalization: this is no longer an ad hoc disclosure but a recurring transparency practice. Regular threat actor reports serve OpenAI’s policy relationships (intelligence agencies, election security bodies) while also building the public record that OpenAI is actively enforcing its use policies. The June 2025 timing falls in the period when Codex and Operator were newly deployed — the reports likely reflected threat actors probing new agentic capabilities in addition to the established language model threat patterns. Each report also provides OpenAI with an opportunity to demonstrate the sophistication of its detection capabilities, which is both operationally valuable and reputationally beneficial.