New AI hacking tool frightens colossal corporations – «We didn't break in, we walked in»

Two groups are reported to have hacked the pharmaceutical colossus Novo Nordisk, using, as they claim, a groundbreaking artificial-intelligence hacking tool that broke in without «setting off an alarm».
A cyber-extortion group claimed on Tuesday that it had stolen more than one terabyte of data from the pharmaceutical giant Novo Nordisk and stated that it was considering the possibility of selling portions of the data, after it failed to secure 25 million dollars from the company.
FulcrumSec, an online extortion group that appeared in October 2025, stated in a lengthy message it posted on its website that it had spent more than two months on Novo Nordisk's networks stealing data.
It stated that the data included the company's source code, confidential information about drugs that have been released and drugs that have not yet been released, clinical trial data, data on employees, doctors and patients, information about the company's processing facilities and information about internal artificial-intelligence models.
A Novo Nordisk representative stated via email that the company «has become aware of claims that data allegedly copied externally without authorization from our systems have been published online. We are treating this matter with seriousness and are maintaining the continuous operation of our main platforms. We are in contact with the relevant authorities».
Reuters was unable to immediately verify the authenticity of the data published by the hacker group. FulcrumSec also did not immediately respond to a request for comment. The Danish company disclosed on June 11 a cybersecurity incident which, as it stated, involved unauthorized access to a limited number of internal IT systems, which included access to certain personal data.
Two hacker groups are reported to have hacked Novo Nordisk
DataBreaches, a website that specializes in hacking issues, had never heard of these individuals before. They identified themselves as «TheUSERS007», did not have English as their primary language, and had a great deal to say about their attack on Novo Nordisk and the methods they used.
As DataBreaches questioned them and compared their claims and leaked data with those of FulcrumSec, it became clear that TheUSERS007 appeared to be involved in a separate, unrelated incident. According to TheUSERS007, they gained access to Novo Nordisk between June 5 and 7.
«We gained access to their system on June 5-7 and sent them messages, which were returned or blocked by filters around June 7-8. Then, on June 9, they made contact saying: "We received your messages, can we talk here?". We left no ransom note, we did not sign in any way, we simply call ourselves THEUSERS007».
From their timeline and the subsequent examination of their leak channel, it seemed clear that the press release and the incident notification from Novo Nordisk on June 11 did not concern this attack, but rather the attack by FulcrumSec. FulcrumSec had first made contact with Novo Nordisk on June 1 and, as FulcrumSec reports.
Different methods were used by the two groups
In keeping with DataBreaches' standard practice, TheUSERS007 were asked how they gained access to Novo Nordisk. FulcrumSec had explained how it had identified exposed credentials. In a conversation on Tox, a representative of TheUSERS007 told DataBreaches that they used «venomware», which they describe as a self-taught, adaptive artificial-intelligence (AI) mechanism designed for the «surgical» extraction of intellectual property.
Using artificial intelligence to explain it, TheUSERS007 stated to DataBreaches:
Venomware or Venom RAT (Remote Access Trojan) does not rely on known exploits, phishing or persistence techniques. Instead, it operates on a simple principle: «We didn't break in. We walked inside. We asked. And the system opened up to us on its own».
What are the core capabilities of Venomware
- Automatic scanning: Automatically records exposed endpoints, subdomains and misconfigurations without human intervention
- Real-time learning: Analyzes infrastructure patterns and adapts to target environments within a few minutes
- Error correction: Learns from failed attempts, self-corrects and spreads laterally without human intervention
- Targeted precision: Identifies and extracts only the most valuable assets — ignoring the noise and focusing on high-value intellectual property
- Zero footprint: Operates without encryption, without disrupting the system and without leaving traces for forensic analysis
Venomware is not a piece of malicious software. It is a digital predator.
The entire attack lasted less than one hour
- Reconnaissance: 5 minutes. Public subdomains were scanned; an exposed Harbor registry was identified.
- Access: 1 minute. An unauthenticated request to the registry's API produced a valid token — no credentials were required.
- Mapping: 10 minutes. Venomware mapped the internal infrastructure, identifying GitHub repositories, Slurm jobs, SSH keys and WandB logs.
- Extraction: 40 minutes. Leaking of the «valuable assets»: 16.7 GB of AI model weights, complete source code, training logs, infrastructure maps and container images.
- Exfiltration: 4 minutes. The data were securely transferred out of the system. No logs. No notifications. No traces.
The software that learns from its trials and errors
«So would it be correct to describe your methods as AI-assisted access and attacks?» DataBreaches asked.
The hackers responded that they do not like the terminology that calls these breaches "AI-assisted access and attacks", because that is not what it is. «We define it as our own Venomware, an autonomous artificial-intelligence model with learning capability, a specially designed self-repairing model that redefines the future of cyberattacks as attacks based on artificial intelligence».




