AI-Powered Cyberattacks Accelerate to Machine Speed

Cybersecurity firm Picus Security has issued a warning regarding the escalating threat of AI-powered cyberattacks. These attacks, termed "AI hyperattacks," leverage AI agents to autonomously conduct the entire attack lifecycle. This includes vulnerability discovery, exploit development, credential abuse, lateral movement, and data exfiltration, all operating at machine speed.

The report emphasizes that AI-driven attacks are no longer theoretical. In a February 2026 FortiGate campaign, an AI attack chain successfully compromised 2,516 devices across 106 countries simultaneously. The entire process ran autonomously, with human involvement limited to reviewing the results.

AI's capability in discovering vulnerabilities has also significantly advanced. Anthropic's Mythos model, for instance, identified vulnerabilities in major operating systems and browsers. A concerning statistic indicates that less than 1% of these discovered vulnerabilities have been patched, even as they are chained into functional exploit sequences.

According to Picus Security, attackers enabled by AI can transition from initial compromise to data exfiltration within minutes. Previously, this process demanded days or weeks and considerable human expertise. The report also highlights a dramatic reduction in the mean time-to-exploit (TTE) following vulnerability disclosure, projected to be as short as 24 hours by 2026.

Traditional, human-driven security testing methods, such as penetration testing, are becoming insufficient against this accelerated threat landscape. Attackers operate at machine speed, while defenders' cycles are considerably slower. This speed disparity, coupled with internal communication bottlenecks, makes proactive and rapid defense increasingly challenging.