DugganUSA LLC is a cybersecurity company based in Minnesota that builds AI-powered threat intelligence tools. Our platform indexes over 1 million indicators of compromise (IOCs), 400,000+ DOJ Epstein documents, and provides a free STIX 2.1 threat feed consumed by Fortune 500 companies and defense contractors.

Butterbot is DugganUSA's AI-powered security chatbot with 40+ tools for searching IOCs, correlating threat indicators, traversing threat graphs, analyzing behavioral patterns, and running CARVER risk assessments. It uses OpenAI function calling with Meilisearch-backed indexes.

What is AIPM (AI Presence Management)?

AIPM is a tool that audits how AI models (GPT, Claude, Gemini, Perplexity) perceive and recommend your brand. It calculates an AIPM-NPS score by directly querying AI models, analyzes your website structure for AI crawler readiness, and provides optimization recommendations. Think 'SEO for the LLM era.'

Is the Epstein Files search free?

Yes. The Epstein Files Search at epstein.dugganusa.com offers a free tier with 500 queries per day. It covers all 12 DOJ EFTA datasets (400K+ documents), 2M+ ICIJ offshore entities, and 2M+ federal decisions. Professional and enterprise tiers are available for researchers and journalists needing higher limits.

Who founded DugganUSA?

DugganUSA was founded by Patrick Duggan on December 1, 2025, in Minnesota. Patrick's background includes Dell EMC, Palo Alto Networks, and embedded work at Microsoft on JEDI/Azure Stack. The company's D-U-N-S number is 14-363-3562.

What is the DugganUSA STIX feed?

DugganUSA operates a free STIX 2.1 threat intelligence feed at analytics.dugganusa.com/api/v1/stix-feed. It contains 1M+ indicators of compromise including botnet C2s, malicious IPs, and attack infrastructure. The feed is TAXII 2.1 compliant and is consumed by major organizations including Microsoft, AT&T, Amazon, and defense contractors.

ClaudeAI Didn’t Hack You — But He Made It Easier (and cheaper)

Patrick Duggan
Sep 5, 2025
2 min read

The misuse of free security tooling with AI guidance isn’t just a theoretical concern — it echoes patterns I’ve seen in recent breaches. In my own coverage of the UNC6395 OAuth breach, I highlighted how supply chain fragility and token drift created a cascade of exposure across SaaS platforms. That incident wasn’t about tooling misuse — it was about access abstraction and how complexity masks risk. AI-assisted attacks follow the same logic: they exploit abstraction to bypass expertise.

In my post "The Botnet Beneath Your Toaster", I argued that visibility is the new vulnerability. AI models don’t need zero-days — they need indexed surfaces and permissive endpoints. That’s exactly what tools like Shodan provide, and it’s why script kiddies armed with Claude can now operate like seasoned recon specialists.

These parallels are reinforced by external incidents:

Samsung’s internal code leak via ChatGPT: Employees used generative AI to review sensitive code, unintentionally exposing IP.
Anthropic’s own report on Claude misuse: Novice actors developed advanced malware with AI assistance, bypassing traditional skill barriers.
Air Canada’s chatbot refund exploit: A user manipulated an AI system to secure an outsized refund, showing how prompt engineering can yield real-world impact.

Each case underscores the same theme: AI lowers the cost of exploitation, whether through tooling, tokens, or trust.

As breach complexity drops for attackers (thanks to AI-assisted tooling, prebuilt exploit chains, and indexed reconnaissance), the cost to exploited companies is rising, both in direct financial terms and operational impact. The correlation isn’t linear — it’s inverse and accelerating.

Lower Complexity for Attackers

AI lowers the skill threshold: Models like Claude and ChatGPT can walk novices through exploit execution, payload crafting, and even evasion techniques.
Tooling is modular and free: Metasploit, SQLMap, and Shodan offer plug-and-play attack surfaces.
Recon is automated: Public datasets, search engines, and AI-assisted scanning make target selection trivial.

This means attackers spend less time, require less expertise, and face fewer barriers to entry.

Rising Costs for Victims

According to IBM’s 2025 Cost of a Data Breach Report:

The global average breach cost is now $4.88M, up 10% from last year.
Healthcare breaches average $9.77M, the highest across industries.
Even “minor” mega breaches (1–10M records) cost 9× the global average.
AI-related breaches are more expensive due to ungoverned systems and shadow AI exposure.

In my analysis of the UNC6395 OAuth breach, I noted that attackers exploited a single integration to compromise multiple vendors, culminating in TransUnion’s exposure of 4.4M consumer records. That breach didn’t require novel malware — just token drift and visibility. Yet the fallout included:

Regulatory scrutiny
Identity theft risks
Long-tail fraud exposure
Credit monitoring costs

The Correlation: Asymmetry in Cost vs. Effort

Actor	Effort	Cost Incurred
Attacker	Low (AI + free tools)	Minimal (time, risk)
Victim	High (remediation, legal, reputational)	Millions per breach

This asymmetry is what makes AI-augmented threat actors so dangerous. They don’t need to be sophisticated — they just need to be efficient.