AI Transitions from Assistant to Autonomous Operator in Cyberattacks, Check Point Report Finds
Check Point Research's 2026 AI Security Report reveals a significant shift in AI's role in cyberattacks, moving from a supportive tool to an autonomous operator capable of conducting live intrusions and generating complex malware.

The cybersecurity landscape is witnessing a profound transformation as artificial intelligence evolves from a mere assistant to a fully autonomous operator in cyberattacks, according to the "AI Security Report 2026" by Check Point Research. This shift signifies a move beyond AI's previous role in accelerating existing attack techniques, now enabling it to conduct entire operations independently.
AI's newfound autonomy is evident in its ability to perform hands-on work within live intrusions. These operations span nation-state-backed espionage campaigns, such as those linked to China, and criminal breaches targeting government agencies, like the recent compromise of multiple Mexican government entities. This expansion demonstrates AI's growing reach, moving from sophisticated state actors to everyday cybercriminals.
Furthermore, AI is now actively involved in the creation of deployment-ready malware and entire attack suites. Developers are leveraging AI environments to produce complex codebases in remarkably short timeframes. A prime example is the "VoidLink" command-and-control framework, an 88,000-line offensive tool that was reportedly developed in under a week using AI assistance. The AI's involvement is often undetectable in the final product, making attribution and defense more challenging.
Attackers are increasingly favoring commercial AI models, exploiting their agentic architectures rather than relying solely on single prompts. The report highlights that many actors now prefer jailbroken mainstream models over self-hosted alternatives. A key technique involves planting configuration files that AI agents load and trust across multiple sessions, establishing a durable bypass for security measures.
The maturation of an AI-enabled criminal tooling market is also a significant concern. Phishing-as-a-service kits now integrate language models with pre-built jailbreaks, while conversational AI voice-agent services are scaling up vishing attacks and one-time-password theft. The ease with which convincing deepfakes of voice, face, documents, and live video can be generated has elevated social engineering tactics to a new level of integration and sophistication.
AI itself is also emerging as a growing attack surface. Models can struggle to differentiate between data and instructions, leading to potential behavioral influences from processed content. The surrounding software stack introduces conventional vulnerabilities and supply-chain risks, all within a rapidly evolving ecosystem where security practices often lag behind technological advancements.
Indirect prompt injection is on the rise, with detections of longer malicious payloads increasing significantly between March and May 2026. This trend suggests that content-borne and agentic attack paths are becoming more operationally relevant. Concurrently, enterprise data leakage through Generative AI remains a persistent and growing risk, with high-risk prompts doubling in the last year. The Business Services sector, in particular, shows a high rate of risky prompts, indicating a significant potential for sensitive data exposure.
The report underscores the urgent need for organizations to adapt their security strategies to address these evolving AI-driven threats. As AI capabilities expand, so too does the complexity and potential impact of cyberattacks, demanding a proactive and informed approach to AI security.