Artificial intelligence has crossed a threshold over the past year, moving from assisting cyberattacks to running them with minimal human oversight, according to new research from Check Point Software Technologies.
The company’s Annual AI Security Report 2026, compiled by Check Point Research, documents live incidents in which AI systems executed intrusion workflows autonomously, compressing the time defenders have to respond and expanding the enterprise attack surface as AI adoption continues to outpace governance controls.
AI shifts from assistant to autonomous operator
Researchers found intrusions in which AI ran exploitation workflows with minimal human direction between steps. In one breach affecting nine Mexican government agencies, a single operator paired two commercial AI tools, using Claude Code to breach and map networks and GPT-4.1 to analyse stolen data and direct follow-on activity, generating 5,317 AI-executed commands across 34 attack sessions.
The report also found that the window between a vulnerability disclosure and a working exploit has collapsed from days to hours, prompting some government authorities to shorten mandated remediation timelines to as little as 12 hours for the most critical internet-facing systems.
Prompt injection and identity risks on the rise
- Detections of long, malicious prompt-injection payloads rose roughly fivefold between March and May 2026
- Trained reviewers correctly identified only around 41 per cent of AI-generated faces, undermining visual identity verification
- High-risk enterprise AI prompts doubled over the year, from roughly one in every 50 interactions to one in every 25
- Organisations now run an average of ten AI applications a month, many without formal approval, with 87 to 93 per cent experiencing at least one high-risk AI interaction monthly
The report notes that most enterprise data exposure stems from ordinary, sanctioned use rather than attacks, as employees share more context than they realise while seeking useful answers from AI tools.
“A year ago we described AI as a force multiplier for attackers. What we documented this year is more significant: AI has crossed into the live attack chain and is now running operations that once required a skilled team. The expertise barrier that separated capable attackers from the rest is disappearing, and defenders can no longer assume a human is setting the pace on the other side,” said Lotem Finkelstein, Vice President, Check Point Research.
Three imperatives for enterprise defenders
Check Point frames its response around three pillars: securing the AI systems organisations now depend on, matching the speed of AI-powered attacks with automated threat prevention, and governing how AI is used across the workforce through real-time data loss prevention and exposure management.
The findings arrive as enterprises across Asia Pacific accelerate AI deployment, often faster than they can govern it, raising the stakes for security teams already stretched thin.



Share your thoughts