A China-linked firm’s AI-enabled penetration testing toolkit has rapidly gained traction on the Python Package Index, tallying nearly 11,000 downloads since late July and stoking concerns that it could be weaponized by criminals. The tool, dubbed Villager and attributed to an entity known as Cyberspike, automates offensive workflows using large language models and integrates with Kali Linux, LangChain and DeepSeek to translate natural-language instructions into complex attack sequences, according to researchers at Straiker.
Investigators say Villager’s design—complete with fast-spinning ephemeral containers, randomized SSH ports and a FastAPI-based command-and-control layer—lowers the barrier to entry for sophisticated intrusions. They liken its trajectory to Cobalt Strike, a legitimate red-teaming suite later adopted by threat actors. Straiker also tied Cyberspike to plugins resembling components of AsyncRAT and other well-known hacking tools, raising questions about the company’s provenance and intent.
The tool’s public availability on PyPI, posted by a former Chinese CTF player, underscores how generative AI is accelerating exploitation by enabling at-scale reconnaissance, adaptive retries and streamlined payload delivery. Security firms warn that the surge of AI-native attack tooling could increase the operational burden on defenders as automation compresses timelines from discovery to compromise.
Related article:
