AI Security Risks and Defensive Innovations in Cybersecurity
AI is rapidly transforming the cybersecurity landscape, introducing both significant risks and powerful new defensive capabilities. The widespread adoption of AI tools in the workplace has led to a surge in employees using these technologies, with 65% of people now utilizing AI tools, up from 44% the previous year. However, this increased usage has not been matched by adequate security training, as 58% of employees have received no instruction on AI security or privacy risks. This gap has resulted in sensitive business information, including internal documents, financial data, and client details, being routinely entered into AI systems, raising the risk of data leakage and unauthorized access. Employees express substantial concern about AI's potential to amplify cybercrime, facilitate scams, bypass security systems, and enable identity impersonation, yet only 45% trust companies to implement AI securely. In parallel, AI is being leveraged by both attackers and defenders, with advanced models now capable of simulating and even outperforming human teams in vulnerability discovery and remediation. For example, AI models have been used to replicate major historical cyberattacks in simulation, demonstrating their potential for both offensive and defensive applications. In cybersecurity competitions, AI-driven systems have successfully identified and patched vulnerabilities, sometimes uncovering previously unknown flaws. Organizations like Anthropic have invested in enhancing their AI models to assist defenders, enabling the detection, analysis, and remediation of vulnerabilities in both code and deployed systems. These advancements have led to AI models matching or surpassing previous state-of-the-art systems in cyber defense tasks. At the same time, threat actors are exploiting AI to scale their operations, prompting security teams to develop new safeguards and monitoring techniques. The dual-use nature of AI in cybersecurity underscores the urgent need for robust security awareness training, updated policies, and technical controls to manage the risks associated with AI adoption. As AI continues to evolve, defenders must stay ahead by integrating AI-driven tools into their security operations while remaining vigilant against emerging threats. The current state of AI security is described as precarious, with urgent calls for organizations to address the human and technical factors contributing to risk. The future of cybersecurity will be defined by the ongoing arms race between AI-powered attackers and increasingly sophisticated AI-enabled defenders, making continuous adaptation and investment in AI security essential for organizational resilience.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
6 events from the most recent confirmed update back to the earliest known activity.
Anthropic links another disrupted operation to telecom espionage
Anthropic says it also detected and disrupted an espionage campaign targeting telecommunications infrastructure, with characteristics it says are consistent with Chinese APT activity.
Anthropic says it disrupted malicious Claude use in extortion scheme
Anthropic states its Safeguards team detected and disrupted a malicious 'vibe hacking' data extortion operation that had been using Claude.
Anthropic tests AI-generated vulnerability patching
Anthropic describes preliminary research into patch generation, stating Claude sometimes produced fixes that matched human reference patches, while noting evaluation challenges because multiple valid fixes can exist.
Benchmarks show stronger AI performance on cyber defense tasks
Anthropic cites Cybench and CyberGym results indicating large gains in repeated-trial success rates and improved ability to identify previously unknown vulnerabilities.
Claude Sonnet 4.5 shown to outperform prior cyber models
Anthropic says Claude Sonnet 4.5 matched or surpassed Claude Opus 4.1 on several cybersecurity tasks while being faster and cheaper, based on internal and benchmarked evaluations.
Anthropic improves Claude for defensive cyber tasks
Anthropic reports a sustained effort to enhance Claude’s cybersecurity capabilities for defender workflows such as vulnerability discovery, patching, and testing, while avoiding improvements aimed at clearly offensive use cases.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
AI's Transformative Impact on Cybersecurity Operations and Threat Landscape
Artificial intelligence is fundamentally reshaping the cybersecurity landscape, introducing both new opportunities and significant risks for organizations and professionals. The adoption of AI tools is accelerating the learning curve for cybersecurity practitioners, enabling faster skill acquisition, automated reconnaissance, and streamlined exploit generation, as highlighted by experts who advocate for integrating AI into bug hunting and security research workflows. However, this technological leap is also disrupting traditional career paths, with studies showing a marked decline in entry-level cybersecurity and IT jobs as AI automates routine tasks such as help desk support, manual testing, and security monitoring. Industry leaders emphasize the need for IT teams to adapt by acquiring new skillsets and focusing on strategic problem-solving, as the majority of job skills are expected to change dramatically by 2030 due to AI's influence. Concurrently, the rise of autonomous AI agents introduces a new class of security risks, as these systems possess the ability to make independent decisions, access sensitive data, and execute code across networks, often in ways that are opaque and difficult to audit. The lack of robust identity management and oversight for these agentic systems leaves organizations vulnerable to novel attack vectors, including black box attacks where the root cause of malicious or erroneous actions is nearly impossible to trace. Deepfake technology, powered by generative AI, is rapidly becoming a favored tool for social engineering attacks, with a significant increase in organizations reporting incidents involving AI-generated impersonations of executives and employees. This trend is eroding traditional trust mechanisms, such as voice and video verification, and forcing security teams to rethink their authentication strategies. Ethical concerns are also at the forefront, as CISOs and boards are urged to monitor for red flags such as loss of human agency, lack of technical robustness, and data privacy risks associated with AI deployments. Regulatory frameworks and responsible AI governance are becoming essential to ensure that AI systems are deployed safely and ethically, particularly in sectors like financial services where the stakes are high. The convergence of these factors is creating a dynamic environment where cybersecurity professionals must continuously adapt to the evolving threat landscape, leveraging AI for defense while remaining vigilant against its misuse. As organizations rush to deploy AI-driven solutions, the need for comprehensive security strategies, ongoing workforce development, and ethical oversight has never been more critical. The future of cybersecurity will be defined by the ability to harness AI's power responsibly while mitigating its inherent risks, ensuring both operational resilience and trust in digital systems.
Mar 21, 2026
AI-Driven Security Risks, Bypasses, and Exploits in Modern Cybersecurity
Security researchers and industry experts are raising alarms about the growing use of artificial intelligence (AI) in both offensive and defensive cybersecurity operations. Attackers are leveraging AI to bypass advanced security controls, as demonstrated by a researcher who used AI to defeat an "AI-powered" web application firewall, and by the emergence of new malware that exploits AI model files and browser vulnerabilities to evade detection and exfiltrate credentials. Meanwhile, defenders are grappling with the proliferation of unsanctioned AI tools in the workplace, the challenge of auditing AI decision-making, and the surge in AI-powered bug hunting, which has led to a dramatic increase in vulnerability discoveries and bug bounty payouts. The risks are compounded by the lack of clear AI usage policies, the potential for data leaks through generative AI tools, and the difficulty in monitoring or controlling how sensitive information is processed and stored by these systems. Industry reports highlight that a significant portion of employees use unauthorized AI applications, often exposing sensitive data without IT oversight, and that prompt injection and model manipulation are now common vulnerability types. The security community is also debating the extent to which ransomware and other attacks are truly "AI-driven," with some reports criticized for overstating the role of AI in current threat activity. As organizations rush to adopt AI for efficiency and innovation, experts urge the implementation of robust governance, continuous monitoring, and red-teaming to anticipate and mitigate the evolving risks posed by both sanctioned and shadow AI systems. The rapid evolution of AI in cybersecurity is forcing a reevaluation of traditional defense models, emphasizing the need for transparency, operational oversight, and adaptive security strategies.
Mar 21, 2026
Escalation of AI-Enabled Cyberattacks and Defensive Strategies in Enterprise Security
Security leaders across industries are increasingly concerned about the rapid evolution of AI-enabled cyberattacks, which are now among the top threats facing enterprises. Recent research highlights that cybercriminals are leveraging artificial intelligence to automate and enhance attack chains, including the use of deepfakes, automated phishing, and AI-generated malware. These AI-driven threats are capable of executing full attack sequences autonomously, from reconnaissance to data exfiltration, at speeds and scales previously unattainable by human operators. Security teams are responding by investing heavily in AI-powered defensive tools, aiming to accelerate detection, triage, and containment of threats. However, experts caution that AI should be used as a 'copilot' rather than an 'autopilot,' emphasizing the necessity of human oversight to ensure effective and responsible use of these technologies. The human element remains a critical vulnerability, as attackers use generative AI to craft highly convincing social engineering campaigns, including synthetic audio and video, which can bypass traditional awareness programs. The arms race between offensive and defensive AI is intensifying, with both sides seeking to outpace the other in sophistication and automation. Security leaders are also grappling with the challenge of integrating AI into their broader risk management and governance frameworks, ensuring that AI-driven solutions align with organizational policies and regulatory requirements. The expanding role of the CISO now includes oversight of AI risk, reflecting the technology's growing impact on enterprise security posture. As AI becomes more embedded in both attack and defense, organizations are re-evaluating their incident response strategies, workforce training, and investment priorities. The shift towards AI-driven security operations is not without challenges, including the risk of over-reliance on automation and the need for continuous adaptation to evolving threat tactics. Industry studies indicate that while AI can handle routine security tasks, complex and strategic decision-making still requires skilled human analysts. The ongoing development of AI in cybersecurity is reshaping the landscape, demanding new approaches to both technology deployment and leadership. Security teams are urged to balance innovation with caution, ensuring that AI augments rather than replaces critical human judgment. The future of enterprise security will likely be defined by the effectiveness of this human-AI partnership in countering increasingly sophisticated, AI-powered adversaries.
Mar 21, 2026