AI is accelerating both offense and defense
AI is now embedded in the cyber kill‑chain, not just in security dashboards.
- Attackers are using AI‑driven phishing, deepfake voice fraud, and adaptive malware to personalize lures and evade detection, making spear‑phishing easier and harder to spot.
- Defenders are responding with agentic AI security tools that can auto‑contain endpoints, quarantine systems, and reconfigure controls with minimal human intervention.
Critical vulnerabilities in core software
Recent zero‑days show that misconfiguration and patching delays are still the main attack vectors.
- A critical RCE in Microsoft SharePoint (CVE‑2026‑20963) and a pre‑auth RCE in BeyondTrust Remote Support (CVE‑2026‑1731) have already been weaponized in ransomware campaigns, with CISA issuing tight patch deadlines for federal agencies.
- VMware and other infra‑management tools are also on the radar, underscoring that attackers love targeting the very products defenders use to manage and secure environments.
AI‑infrastructure and cloud‑native security
As AI workloads grow, securing models, data, and cloud APIs is moving up the board‑level agenda.
- Reports highlight that nearly 80% of organizations now run some form of generative AI in their security stack, but fewer than 40% have formal AI‑governance policies.
- Top priorities include guarding AI training data from poisoning, securing model‑serving APIs, and monitoring AI‑agent access to internal systems and documents.