When the Shadow Brokers published NSA hacking tools online, cybersecurity firms shrugged: the exploits looked like relics. But criminals went on to use them for huge attacks like WannaCry and NotPetya. In a report published today, security firm Rapid7 urges experts to think about such leaks like crooks might. Rebekah Brown, Rapid7’s threat intelligence lead, told the Download that more attacks will use leaked tools in coming months—so a change in mindset better come soon.