Experts warn weaponized AI will intensify cyberthreats in 2026

Cybersecurity experts told ZDNET they expect weaponized AI to cause unprecedented harm in 2026, with malicious AI agents evading detection and chief information security officers urged to upskill their teams. Those experts say 2025 saw the first large-scale uses of AI in attacks and that 2026 will mark a shift from AI as the exception to AI as the norm.

Google's Mandiant and Threat Intelligence Group predicted actors will leverage AI to increase the speed, scope and effectiveness of operations and increasingly adopt agentic systems to automate steps across the attack lifecycle. The reporting names specific risks: AI-enabled malware such as Fruitshell, Promptflux, Promptlock and PromptSteal (the latter observed using a large language model to generate PowerShell commands to find and exfiltrate data), agentic systems that could automate lateral movement, and prompt-injection attacks against enterprise AI.

Experts also warned about AI-driven social engineering and voice cloning, new attack surfaces from AI browsers, and automated discovery and exploitation of APIs. Researchers identified 10 priority vulnerability areas for 2026 and urged organizations to prepare. Cybersecurity Ventures projects global ransomware damage rising from $57 billion in 2025 to $74 billion in 2026.

Key Topics

Tech, Weaponized Ai, Agentic Ai, Prompt Injection, Villager, Promptsteal