🎯 1. CyberStrikeAI: The Chinese Tool That Breached 600 Firewalls Across 55 Countries

In February 2026, Amazon Threat Intelligence uncovered an unprecedented attack campaign that fundamentally changed the rules of cybersecurity. An unidentified hacker, leveraging commercial AI services like Anthropic Claude and DeepSeek, systematically targeted FortiGate devices and compromised over 600 units across 55 countries. This wasn't an attack exploiting a sophisticated vulnerability—it was an AI system capable of automatically identifying targets, guessing weak passwords, and infiltrating networks.

What is CyberStrikeAI? Following deeper investigation, Team Cymru discovered the hacker used an open-source tool called CyberStrikeAI—an AI-powered security testing platform developed by a Chinese developer known as Ed1s0nZ. Written in Go, this tool integrates over 100 security utilities and can automatically discover vulnerabilities, analyze attack chains, and visualize results. The critical issue? While designed for "security testing," in the hands of malicious actors, it becomes a powerful weapon.

Connection to Chinese Government: Team Cymru's research suggests Ed1s0nZ likely has ties to the Chinese government. The developer has interacted with companies like Knownsec 404—a Chinese security firm whose 12,000+ internal documents leaked in November 2025, revealing collaboration with China's Ministry of State Security (MSS) and the People's Liberation Army (PLA). Ed1s0nZ also previously claimed on his GitHub profile to have received a Level 2 award from China's National Vulnerability Database (CNNVD)—though he recently removed this information, presumably to obscure government connections.

How Does It Work? CyberStrikeAI is a fully automated system that can: 1) Automatically scan the internet to identify FortiGate devices with exposed management interfaces, 2) Use AI models to generate likely password lists (based on common patterns and public information), 3) Execute brute-force attacks automatically, 4) Upon success, automatically install backdoors and maintain persistent access. This entire process runs without human intervention—you configure it once, and the AI handles the rest.

Why FortiGate? FortiGate devices are among the most popular enterprise firewalls, deployed in thousands of companies, universities, and government organizations. If a hacker gains access to a FortiGate, they essentially hold the keys to the entire internal network—they can monitor traffic, steal data, and attack internal systems. This makes FortiGate a golden target for attackers.

Rapid Expansion: Between January 20 and February 26, 2026, Team Cymru identified 21 unique IP addresses running CyberStrikeAI. These servers were primarily hosted in China, Singapore, and Hong Kong, but additional servers were discovered in the US, Japan, and Switzerland. This indicates that CyberStrikeAI usage is spreading rapidly—likely other hackers are adopting this tool.

Security Community Response: The revelation sparked widespread concern in the cybersecurity community. Kevin Beaumont, a renowned security researcher, stated: "This is a turning point. We're no longer just dealing with human hackers—we're facing autonomous AI systems that can attack 24/7 without fatigue." Fortinet immediately issued a security advisory, urging customers to enable MFA (multi-factor authentication) and isolate management interfaces from the public internet.

Is This Legal? CyberStrikeAI is released as a "security testing tool," and Ed1s0nZ claims "everything is purely for research and learning." However, the reality is this tool can easily be weaponized for real attacks—and that's exactly what happened. This raises significant legal and ethical questions: Are developers of hacking tools responsible for misuse? In most countries, the answer is "no"—unless you can prove the developer intended to aid criminal activity.

🦠 2. Slopoly: The First AI-Generated Malware Used in Real-World Attacks

While the world was still reeling from the CyberStrikeAI attack, IBM X-Force dropped an even more alarming revelation: the discovery of the first malware generated by a Large Language Model (LLM) used in an actual attack. This malware, dubbed "Slopoly" by IBM, was deployed by the Hive0163 ransomware group in early 2026, allowing them to maintain persistent access to a victim's server for over a week. This is no longer a proof-of-concept—this is a real weapon used in cyber warfare.

What is Slopoly? Slopoly is a PowerShell-based backdoor that functions as a client for a Command-and-Control (C2) framework. This malware is typically deployed in later stages of an intrusion—after attackers have already established a foothold—and is used to maintain persistent remote access to Windows systems. What makes Slopoly special is how it was created: all evidence points to this code being generated by an LLM.

How Did They Know It Was AI-Generated? IBM X-Force researchers identified several strong indicators that Slopoly was written by AI: 1) Extensive and detailed comments—extremely common in AI-generated code, 2) Comprehensive logging and error handling—more than a typical hacker would write, 3) Precise variable naming—exactly like AI code, 4) An unused Jitter function—likely the result of iterative development with an LLM, 5) Comments describe the code as a "Polymorphic C2 Persistence Client," but the code isn't actually polymorphic—an exaggerated claim typical of AI-generated code.

How Does It Work? Slopoly is a fully functional backdoor that begins by collecting basic system information and sending it as JSON to the C2 server. A sample heartbeat looks like this: {"action":"heartbeat","bot_ip":"","elevated":,"session_id":,"user":,"bot":}. After sending the heartbeat, the malware polls for new commands every 50 seconds. Commands received from the server are executed via cmd.exe, and results are sent back to the server. The malware also maintains a detailed log file that rolls over when it reaches 1MB.

Which AI Model Was Used? IBM X-Force couldn't definitively identify which model was used to generate Slopoly, but the code quality suggests it was likely a less advanced model—perhaps GPT-3.5, an open-source model like Llama 2, or even a Chinese model like DeepSeek. The important point is that the variable naming indicates the model intended to design a malicious script—meaning whatever guardrails the model had were successfully bypassed.

What Was the Real Impact? From a purely technical perspective, Slopoly is average malware—neither highly sophisticated nor overly simple. But its real impact lies elsewhere: Hive0163 used Slopoly to maintain persistent access to the infected server for over a week. Unfortunately, IBM X-Force couldn't recover any of the commands executed during this period, but they were likely used for data exfiltration and ransomware attack preparation.

Security Industry Response: The discovery of Slopoly sparked widespread debate in the cybersecurity community. Palo Alto's Unit 42, in their Global Incident Response 2026 report, documented similar observations of AI use in ransomware attacks. They stated: "The introduction of AI-generated malware doesn't technically create a new or complex threat. However, it disproportionately empowers threat actors by reducing the time an operator needs to develop and execute an attack."

Is This Just the Beginning? Yes, unfortunately. Hive0163's use of Slopoly demonstrates that high-profile ransomware groups are testing AI—likely as a "live-fire exercise." This means they're learning how to use AI, and soon these tools will become a core part of their arsenal. IBM X-Force predicts we're entering the "era of ephemeral malware"—malware generated for a specific attack, used, and then discarded.

👥 3. Hive0163 Group: Ransomware Operators Leveraging AI

Hive0163 is a financially motivated threat actor group specializing in post-compromise activities for large-scale data exfiltration and ransomware deployment. This group operates multiple custom backdoors to facilitate long-term access to enterprise environments. IBM X-Force has identified numerous suspicious relationships with former ITG23 crypter developers and malware developers/operators, including Broomstick (aka Oyster/CleanUpLoader), Supper (aka SocksShell), PortStarter, SystemBC, and Rhysida ransomware.

Group Structure: Unlike many ransomware groups that operate in silos, Hive0163 has multiple dynamic subgroups with access to private crypters, malware frameworks, and ransomware variants—likely developed at least partially by group members. This means Hive0163 isn't a centralized group, but rather a network of hackers and developers collaborating together.

Initial Access Methods: For initial access, Hive0163 employs several techniques: 1) ClickFix - a social engineering technique that tricks users into executing a malicious PowerShell script, 2) Malvertising - malicious advertisements redirecting to infected sites, 3) Initial Access Brokers (IAB) - purchasing access from brokers like TA569 (SocGholish malware) and TAG-124 (Landupdate808, KongTuke).

NodeSnake and InterlockRAT: Hive0163's attack chain begins with NodeSnake—a NodeJS-based malware that's the first stage of a larger C2 framework. This framework includes multiple client implementations with varying capabilities in PowerShell, PHP, C/C++, Java, and JavaScript for Windows and Linux. NodeSnake communicates with the C2 server via HTTP POST and supports commands like downloading and executing EXE/DLL/JS payloads, executing shell commands, changing beacon intervals, creating persistence, and updating itself.

After NodeSnake, a more advanced backdoor called InterlockRAT is deployed. This JavaScript-based backdoor uses web sockets for C2 communication and supports a larger command list. Notable capabilities include creating SOCKS5 tunnels and launching direct reverse shells on the infected device. Both malware samples include a list of Cloudflare tunnel domains and a smaller list of IP addresses as hardcoded C2 servers.

Interlock Ransomware: The Interlock ransomware used in this attack is a 64-bit executable packaged with the JunkFiction loader. This ransomware can be executed with various arguments to control its behavior: -d to encrypt a specific directory, -f to encrypt a specific file, -del to delete itself after encryption, -s to run as a scheduled task, -r to release files using Restart Manager, and -u to save encrypted session keys in separate files.

Why Add Slopoly? The interesting point is that Hive0163 already had multiple powerful backdoors (NodeSnake, InterlockRAT), so why add Slopoly? IBM X-Force believes this was likely a "live-fire exercise"—meaning Hive0163 was testing Slopoly in a real attack to see how well it performs. This shows that ransomware groups are actively experimenting with AI and learning how to use it.

Hive0163 Evolution: This group is rapidly evolving. They've transformed from a traditional ransomware group into a sophisticated organization leveraging the latest technologies (including AI). Their network structure—with multiple subgroups and access to private tools—means they can innovate faster than competitors and respond to new defensive techniques.

⚙️ 4. How AI Attacks Work: From Discovery to Infiltration

To understand why AI-powered attacks are so dangerous, we need to understand exactly how they work. Let's examine the complete process of an AI-assisted attack from start to finish—from target identification to final infiltration and data exfiltration.

Stage 1: Automated Target Discovery: The first step in any cyberattack is finding vulnerable targets. Traditionally, this required manual scanning and result analysis—a time-consuming process that could take days or weeks. But with CyberStrikeAI, this process is fully automated. The tool can automatically scan the internet, identify FortiGate devices with exposed management interfaces, and compile a list of potential targets—all within hours.

Stage 2: AI-Powered Credential Generation: After identifying targets, the next stage is finding a way in. Traditionally, hackers used predefined lists of common passwords. But AI can operate much more intelligently. Large language models can: 1) Analyze password patterns specific to an organization (based on public information, previous breaches, etc.), 2) Generate likely passwords based on company name, industry, and geographic location, 3) Suggest intelligent combinations of words, numbers, and special characters with high success probability.

Stage 3: Smart Brute-Force: After generating the credential list, AI can intelligently execute the brute-force attack. Unlike traditional attacks that test all combinations sequentially, AI can: 1) Learn from previous attempt results and adjust strategy, 2) Adjust attack speed to avoid triggering detection, 3) When a pattern succeeds, prioritize similar patterns. This means the attack is both faster and stealthier.

Stage 4: On-the-Fly Malware Generation: One of AI's most dangerous capabilities is the ability to generate custom malware on demand. After successful infiltration, a hacker can ask a large language model to write a custom backdoor that: 1) Is optimized for the specific operating system and architecture, 2) Uses specific evasion techniques to bypass antivirus, 3) Has specific capabilities needed for this attack. This entire process can take minutes—compared to days or weeks for manual development.

Time Comparison: Let's see how much AI has accelerated the attack process:

Why Does This Matter? Reducing time from weeks to days (or even hours) means: 1) Hackers can conduct more attacks, 2) Security teams have less time to detect and respond, 3) Attack costs decrease for hackers, making more attacks economically viable, 4) Even inexperienced hackers can execute sophisticated attacks.

Role of Commercial AI Models: One of the most concerning aspects of these attacks is the use of commercial AI models like Claude and DeepSeek. This means hackers don't even need to build their own models—they just need to buy a subscription (or use stolen API keys) and start. AI companies try to prevent misuse with guardrails and content filters, but as Slopoly demonstrated, these restrictions can be bypassed.

🌍 5. Impact on the Security Industry: Why the Rules Have Changed

The discovery of CyberStrikeAI and Slopoly aren't just two separate security incidents—they're signs of a fundamental transformation in the cybersecurity industry. Let's examine how these developments are changing the entire industry and what implications they hold for the future.

The End of Signature-Based Detection: For decades, the security industry has relied on signature-based detection—meaning antiviruses maintain a database of known malware and compare files against it. But with AI-generated malware that's different every time, this method no longer works. Slopoly can be generated with different code each time—meaning there's no fixed "signature" to detect. This means the security industry must move toward behavior-based detection—instead of looking for specific code, we look for suspicious behavior.

The Attribution Problem: One of the core pillars of threat intelligence is attribution—determining which group or country is behind an attack. But with AI-generated malware, attribution becomes much harder. Traditionally, security researchers used unique code characteristics (like programming style, comments, etc.) to identify developers. But when code is AI-generated, these unique characteristics don't exist—all AI code has a similar style. This means we may not be able to determine who's behind an attack.

Rising Defense Costs: As attacks become more sophisticated, defense costs increase. Companies must: 1) Invest in more advanced tools (like EDR, XDR, and AI-powered SIEM), 2) Hire larger and more skilled security teams, 3) Provide continuous employee training, 4) Invest in threat intelligence and incident response. According to Gartner estimates, cybersecurity costs for medium to large companies increased approximately 40-60% in 2026 compared to 2024.

The Skills Gap: The cybersecurity industry already faced a shortage of skilled professionals—and now with the emergence of AI threats, this gap has worsened. Security teams need to: 1) Understand how AI models work, 2) Identify and analyze AI-generated malware, 3) Use defensive AI tools, 4) Be familiar with new attack techniques. But professionals with these skills are scarce, and demand for them is extremely high.

The AI Arms Race: We've entered an AI arms race—hackers use AI to attack, and defenders must use AI to defend. This means: 1) Security companies are rapidly developing AI-powered tools, 2) Investment in security AI has increased dramatically, 3) Competition to hire AI experts has intensified, 4) Academic research on security AI is growing rapidly. But the question is: Can defenders keep pace with attackers?

Impact on Small Businesses: One of the most concerning aspects of these developments is their impact on small and medium businesses (SMBs). These companies typically have less budget and resources for cybersecurity and can't invest in advanced tools and expert teams. With the democratization of AI attack tools, SMBs become easier targets. This can lead to: 1) Dramatic increase in attacks on SMBs, 2) Bankruptcy of small companies after ransomware attacks, 3) Increased cyber insurance costs, 4) Decreased customer trust in small businesses.

Role of Governments and Legislation: Governments and regulatory bodies are responding to these threats, but the pace of legislation is much slower than the pace of technological evolution. Some ongoing actions: 1) The European Union is drafting new laws for security AI, 2) The US is considering export restrictions on powerful AI models, 3) China has strict regulations for AI use, 4) International organizations like Interpol are increasing cooperation to combat AI cybercrime. But the question is: Are these actions sufficient?

🛡️ 6. Defense Solutions: How to Protect Ourselves

Now that we understand the threat we're facing, let's see how we can protect ourselves. The good news is that despite the complexity of threats, there are practical and effective solutions that can dramatically reduce risk.

1. Immediate MFA (Multi-Factor Authentication) Activation: The first and most important step is enabling multi-factor authentication on all sensitive systems—especially management interfaces. The CyberStrikeAI attack only succeeded because FortiGate devices were protected only by username/password. With MFA, even if a hacker finds the password, they can't log in without the second factor (like SMS code, authenticator app, or security key). This is a powerful defensive wall that makes brute-force attacks useless.

2. Implement Zero Trust Architecture: The Zero Trust security model is based on the principle that "nothing and no one is trusted"—even if inside the network. This means: 1) Every access must be authenticated and authorized, 2) Access should be limited to the minimum necessary (principle of least privilege), 3) Network traffic must be continuously monitored and analyzed, 4) Network segmentation to prevent lateral movement. With Zero Trust, even if a hacker gains access to one system, they can't easily access other systems.

3. Use Defensive AI: To fight offensive AI, we must use defensive AI. Modern security tools like EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) use machine learning to identify suspicious behaviors—even if the malware is new and unknown. These tools can: 1) Identify unusual patterns, 2) Automatically respond to threats, 3) Use historical data to predict future attacks, 4) Reduce false positives.

4. Continuous Employee Training: Humans are always the weakest link in the security chain. The ClickFix attack used by Hive0163 relied entirely on social engineering—tricking users into executing malicious code. Continuous employee training can reduce this risk: 1) Training to identify phishing emails, 2) Awareness of new social engineering techniques like ClickFix, 3) Attack simulation exercises, 4) Building a security culture in the organization. Remember: The best firewall in the world can't protect against a deceived user.

5. Monitoring & Incident Response: Having a 24/7 monitoring system and a ready incident response team can be the difference between a small attack and a major disaster. This includes: 1) SIEM (Security Information and Event Management) for collecting and analyzing logs, 2) SOC (Security Operations Center) for continuous monitoring, 3) Written and practiced Incident Response Plan, 4) Threat Intelligence for awareness of new threats. With Slopoly having access for over a week, a good monitoring system could have detected it much earlier.

6. Active Threat Hunting: Instead of waiting for alerts to trigger, we should actively search for hidden threats. Threat Hunting means: 1) Regular log review for suspicious patterns, 2) Searching for new Indicators of Compromise (IOCs), 3) Analyzing user and system behavior, 4) Examining anomalies and deviations from baseline. With AI threats that can be very stealthy, active threat hunting is essential.

7. Collaboration and Information Sharing: No organization can face AI threats alone. Collaboration and information sharing are essential: 1) Membership in industry ISACs (Information Sharing and Analysis Centers), 2) Sharing IOCs with other organizations, 3) Cooperation with government and law enforcement agencies, 4) Participation in the cybersecurity community. The faster information about new threats is disseminated, the better we can protect ourselves.

8. Continuous Testing and Assessment: Security is a continuous process, not a one-time project. We must regularly: 1) Conduct Penetration Testing, 2) Run Vulnerability Assessments, 3) Have Red Team / Blue Team Exercises, 4) Practice the Incident Response Plan. These tests help identify weaknesses before hackers find them.

🎯 Conclusion: The Future of Cybersecurity in the AI Era