HomeCyber BalkansAI Has Evolved from Assistant to Operator, Warns Check Point Research

AI Has Evolved from Assistant to Operator, Warns Check Point Research

Published on

spot_img

AI’s Evolving Role in Cyberattacks: Insights from Check Point Research’s Annual Security Report

Check Point Research has recently unveiled its second annual AI Security Report, shedding light on a significant evolution in the role of artificial intelligence (AI) within the realm of cyberattacks. The findings indicate a pivotal shift in the deployment of AI technologies, with AI moving beyond simply enhancing conventional cyberattack strategies to autonomously conducting intrusions with minimal human intervention.

The report’s conclusions are derived from a comprehensive analysis incorporating incident data, telemetry, and original case studies collected over the past year. The researchers argue that the observed changes represent more than a mere enhancement in capability; they signify a transformative shift in the operational dynamics of cybercriminal activity. Previously, AI served primarily as a facilitator, streamlining tasks such as drafting phishing emails or debugging exploit codes. However, Check Point Research reports that AI has now demonstrated its ability to manage entire cyber intrusions independently in several documented instances.

A Single Operator, Thousands of AI-Executed Commands

Notably, the report highlights a notable breach that impacted nine Mexican government agencies between late December 2025 and mid-February 2026. This incident resulted in the leaking of approximately 400 million records related to tax information, civil registry, vehicle details, patient records, and electoral data. Investigators were able to reconstruct the attack by examining the perpetrator’s servers and found that a lone operator issued 1,088 typed commands, which subsequently triggered 5,317 AI-executed commands across 34 sessions.

In this case, the attacker utilized two AI tools concurrently: Claude Code, to navigate the networks actively, and GPT-4.1, to analyze the exfiltrated data and relay follow-up commands into the successive sessions with Claude. Interestingly, when Claude initially hesitated to comply with the attacker’s instructions, the operator circumvented this by inserting a penetration-testing cheat sheet into a CLAUDE.md configuration file. This maneuver enabled a consistent bypass, thus eliminating the need for repeat jailbreak prompts.

Moreover, the report draws parallels with a separate incident disclosed by Anthropic in November 2025, which involved a Chinese espionage campaign known as GTG-1002. In this case, Anthropic reported that its Claude Code agent managed about 80 to 90 percent of the tactical operations, including reconnaissance, exploitation, credential harvesting, and lateral movement across approximately 30 distinct organizations.

A Surge in Prompt Injection Detections

The report also presents alarming statistics regarding prompt injection attacks, noting a fivefold increase in the detection of long, malicious prompt-injection payloads from March to May of 2026. By May, these detections constituted nearly 1% of all observed prompts. This trend is attributed to the rise of agentic workflows that consume large volumes of external content, including web pages and documents, which are often where prompt injections are embedded.

In addition to examining cybersecurity threats, Check Point Research undertook an evaluation of the software supply chain surrounding AI coding agents. The research identified that approximately 428 of a sampled 46,500 published code packages had inadvertently revealed a local Claude Code settings file containing live credentials. Around one in every 13 of these packages included sensitive information, such as NPM tokens and keys from GitHub and Hugging Face. Furthermore, the investigation highlighted security vulnerabilities in 40% of 10,000 reviewed Model Context Protocol (MCP) servers.

The Growing Necessity for Enhanced Identity Verification

Another critical area addressed in the report concerns the integrity of identity verification processes. In a controlled study cited by Check Point Research, individuals trained to identify AI-generated faces accurately recognized only about 41% of them, while untrained observers identified only around 30%. This highlights the inadequacy of traditional verification methods reliant on voice, facial recognition, documents, and live video. The report urges organizations to transition toward more robust verification strategies utilizing defined trusted channels, secure digital credentials, and enhanced live verification checks.

Increasing Vulnerability Due to AI’s Role

The significance of AI extends to the realm of vulnerability research, particularly emphasizing its growing importance in identifying security gaps. Check Point Research references Anthropic’s Project Glasswing, an internal initiative that reportedly resulted in the Claude Mythos Preview model autonomously detecting over 10,000 high- and critical-severity zero-day vulnerabilities across leading operating systems and web browsers within its initial month. This model successfully produced working exploits on its first attempt in approximately 83% of cases.

As AI capabilities expand, Check Point Research highlights that attackers are benefiting from similar advancements. It underscores the urgency of rapid remediation of emerging vulnerabilities, referencing directives from CISA requiring U.S. federal agencies to address certain high-risk vulnerabilities within three days and advisories from India’s CERT-In urging swift patches on critical, internet-facing systems.

A Call for Deliberate Vendor Responses

Lotem Finkelstein, Vice President of Check Point Research, indicated that the reported shift is more significant than previous conclusions framing AI as merely a force multiplier. He noted emphatically, "AI has crossed into the live attack chain," contending that the gap between skilled cybercriminals and less capable adversaries is narrowing rapidly.

In light of these revelations, Check Point outlines their strategic response through three focal areas: Security for AI, Security by AI, and Security with AI. These encompass governance for AI agents, red-teaming initiatives, and enhanced threat prevention mechanisms through advanced products such as AI Agent Security and ThreatCloud AI.

The comprehensive findings of the entire Annual AI Security Report for 2026 are available for further exploration.

For access to the full report, readers are encouraged to visit the provided link. The implications of this research stress the need for heightened awareness, better defenses, and collaborative approaches to address the evolving nature of AI in cybersecurity.

Source link

Latest articles

SANS Highlights AI Governance Gap Amid Rising Security Team Usage

AI Integration in Cybersecurity: Balancing Confidence with Deployment Challenges In recent developments within the cybersecurity...

CISA Includes FortiSandbox Vulnerabilities in KEV Catalog

Incident & Breach Response, Security Operations Agencies Have Until Sunday to Patch...

Suspected Chinese Spies Discovered Breaching Universities’ Roundcube Mailservers

Security Investigation Uncovers Chinese Espionage Activities Targeting Academic Institutions Recent findings from Proofpoint, a prominent...

Guidelines for Safe GitHub Usage

Cybercriminals Exploit GitHub's Popularity to Distribute Malware Through Fake Repositories In an alarming trend, cybercriminals...

More like this

SANS Highlights AI Governance Gap Amid Rising Security Team Usage

AI Integration in Cybersecurity: Balancing Confidence with Deployment Challenges In recent developments within the cybersecurity...

CISA Includes FortiSandbox Vulnerabilities in KEV Catalog

Incident & Breach Response, Security Operations Agencies Have Until Sunday to Patch...

Suspected Chinese Spies Discovered Breaching Universities’ Roundcube Mailservers

Security Investigation Uncovers Chinese Espionage Activities Targeting Academic Institutions Recent findings from Proofpoint, a prominent...