Disrupting malicious uses of AI: October 2025

Source: OpenAI Date: 2025-10-07 URL: https://openai.com/global-affairs/disrupting-malicious-uses-of-ai-october-2025

Summary

Title-only: A periodic threat intelligence report from OpenAI’s trust and safety team documenting malicious uses of OpenAI’s APIs that were detected and disrupted — likely covering influence operations, spearphishing campaigns, malware generation, and account fraud. The “October 2025” naming convention suggests this is part of a regular series (February 2026 has a similar report), establishing OpenAI as a publisher of AI threat intelligence.

Implications

The AI threat intelligence thread. OpenAI publishing periodic disruption reports is both a safety transparency practice and a competitive signal: it demonstrates that OpenAI actively monitors and disrupts misuse rather than turning a blind eye to revenue from bad actors. The reports also create a public record of what threat actors are doing with AI — valuable to security researchers and policymakers calibrating AI risk.

Defensive AI ecosystem. The October 2025 timing — alongside Aardvark’s launch (October 2025) and the Doppel case study (October 2025) — suggests a coordinated security narrative: OpenAI is both a target of malicious use and an active defender against it. Disruption reports are the accountability mechanism; Aardvark is the offensive security capability; Doppel is the external security customer demonstrating AI-powered defense.