ChannelLife New Zealand - Industry insider news for technology resellers
New Zealand
AI now drives live cyber attacks, Check Point says

AI now drives live cyber attacks, Check Point says

Wed, 15th Jul 2026 (Today)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Check Point has released its 2026 AI Security Report, which argues that artificial intelligence has moved from supporting cyber attacks to carrying them out.

The findings describe a shift in how attackers use AI. Rather than limiting it to research, planning or content creation, they are now using it inside live intrusions. Check Point Research said this pattern appeared in cases ranging from China-linked espionage operations to a criminal breach involving multiple Mexican government agencies.

The report says AI is now being used to produce ready-to-deploy malware and broader attack frameworks. In one example, a developer used an AI coding environment to create VoidLink, an 88,000-line command-and-control framework in less than a week.

That suggests the barrier to building advanced offensive tools has fallen further, even when the final code does not clearly reveal AI involvement. This also makes attribution harder because the finished software may show no obvious signs of machine generation.

Commercial models

Attackers are increasingly choosing commercial AI models over self-hosted alternatives. Rather than relying only on single-prompt tricks, they are abusing the wider agentic structure around those models.

One method highlighted in the report uses a malicious configuration file that an AI agent loads and continues to trust across sessions. The report describes this as a more durable way to bypass safeguards than one-off jailbreak prompts.

The study also points to a more developed criminal market for AI-based tools. According to the findings, phishing-as-a-service products now include language models with jailbreaks already embedded, while conversational voice-agent services are being used for vishing and one-time passcode theft at scale.

Identity risk

Another section focuses on digital identity and social engineering. Voice, face, documents and live video can now be forged cheaply and convincingly enough that virtual identity can no longer be treated as a dependable basis for trust.

Attackers are combining these forgeries across channels, giving fraud attempts a more integrated structure. That matters for businesses and public bodies that still rely on facial checks, voice authentication or video interactions as part of verification processes.

Check Point also warned that AI systems themselves are becoming a broader attack surface. Models do not always distinguish cleanly between data and instructions, meaning content submitted to them can influence their behaviour in unintended ways.

Beyond the model itself, the surrounding software stack creates additional exposure through ordinary software flaws and supply-chain weaknesses. The report says the pace of change in the AI market has left security practices uneven across the ecosystem.

Prompt injection

Indirect prompt injection featured prominently in the findings. Detections of longer malicious payloads rose about fivefold between March and May 2026 and came close to 1% of observed prompts in May.

According to the report, longer payloads are more commonly associated with content-borne and agent-based attack routes. That pattern indicates indirect prompt injection is becoming operationally relevant rather than remaining a theoretical concern.

The report also examined data leakage through generative AI in workplace settings. It found that high-risk prompts doubled over the past year from 2% to 4%, while organisations used an average of 10 AI applications each month.

Many of those tools were being used without formal approval. That creates a governance problem for companies that may have policies on approved software but limited visibility into how staff are using consumer and specialist AI services.

Sector differences

Risk levels were not spread evenly across industries. The distribution of AI-related data exposure tracked both differences in usage patterns and the maturity of security controls in each sector.

Business Services recorded the highest rate of high-risk generative AI prompts at 5.91%. That equates to nearly one in every 17 AI interactions carrying a significant risk of sensitive data exposure.

The findings add to a wider debate over whether AI is mainly changing the speed of cyber crime or altering its structure. Check Point concludes that the technology is now doing more of the operational work itself, from writing attack code to handling deception and interaction during an intrusion.

Among the report's central findings is a simple measure of that shift: AI has crossed from development aid to live attack operator.