There has been a decisive shift in cyberattacks over the past 12 months: artificial intelligence (AI) has moved from assisting attackers to operating attacks, according to Check Point’s Annual AI Security Report 2026.
Where AI once helped criminals prepare, it now runs live intrusions with minimal human direction – compressing the response time for defenders and opening new attack surfaces across the enterprise as enterprise adoption of AI outpaces AI governance controls.
“A year ago, we described AI as a force multiplier for attackers,” says Lotem Finkelstein, vice-president of Check Point Research. “What we documented this year is more significant: AI has crossed into the live attack chain and is now running operations as a sole operation that once required a skilled team. The expertise barrier that separated capable attackers from the rest is disappearing, and defenders can no longer assume a human is setting the pace on the other side.
“The organisations that stay ahead will be the ones that govern how AI is used, secure the AI systems they now depend on, and defend at machine speed rather than human speed,” Finkelstein adds.
The report is grounded in real incidents, telemetry, and original case studies from the past year and sets out what has changed for defenders as AI participates directly at every stage of the attack chain.
Key findings from the Annual AI Security Report 2026 include:
- AI is now operating attacks, not just enabling them. Researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of executed commands across dozens of sessions with minimal human direction between steps. In one breach of nine Mexican government agencies, a single operator ran two commercial AI tools together – Claude Code to break in and explore networks, and GPT-4.1 – generating 5 317 AI-executed commands across 34 attack sessions to analyse stolen data and task follow-on activity, according to industry reports.
- Vulnerability window has collapsed from days to hours. AI can now turn a fresh vulnerability disclosure into a working exploit within hours, prompting government authorities to shorten mandated remediation timelines to as little as 12 hours for the most critical Internet-facing systems.
- Detections of long, malicious prompt-injection payloads rose roughly fivefold between March and May 2026. The sharp increase in large malicious payloads is consistent with indirect prompt injection becoming a routine attack path and operational enterprise risk rather than a theoretical one, as AI itself becomes an attack surface.
- Identity can no longer be trusted as a standalone security control. Voice, face, documents, and realtime video can now be convincingly synthesised, with highly trained reviewers only correctly detecting approximately 41% of AI-generated faces. This will force organisations to move beyond visual verification towards stronger identity assurance, MFA, and out-of-band verification methods.
- High-risk enterprise AI prompts doubled over the year, from roughly one in every 50 interactions to one in every 25. The average organisation now runs 10 AI applications a month, many without formal approval, while between 87% and 93% experience at least one high-risk AI interaction monthly.
- Most enterprise data exposure comes from ordinary, approved use, not from attacks, as employees share more context than they realise to get a useful answer.
Shayimamba Conco, security evangelist: Africa at Check Point, says of the implications for South African and African organisations: “AI is making cyberattacks faster, more convincing, and harder to detect. SA and African businesses face increased risks of ransomware, business email compromise, data breaches, and financial fraud, while consumers are increasingly targeted through AI-generated phishing, identity theft, and banking scams. As digital adoption grows across Africa, organisations must assume that identity-based attacks will continue to rise.
“African organisations should build cybersecurity into every digital transformation initiative by adopting Zero Trust, securing identities, modernising remote access with SASE, leveraging AI-powered security, and implementing strong cyber governance,” Conco adds. “As cyberthreats evolve, prevention and resilience must become strategic business priorities rather than purely IT concerns.”