Artificial intelligence (AI) is being leveraged more in cyberattacks, making them increasingly autonomous and complex, as per a recent report. Anthropic’s analysis revealed a rise in AI utilization by threat actors, with over 800 accounts banned for malicious cyber activities between March 2025 and March 2026. Notably, attackers are now employing AI beyond initial attack stages, delving deeper into the cyberattack lifecycle.
The report highlighted that around 67% of the scrutinized accounts utilized AI for activities like malware development during attack preparation. Moreover, there is a noticeable trend towards more operationally intricate tasks post unauthorized system access. Anthropic’s findings suggested that AI is aiding in elevating the threat posed by attackers, with medium to high-risk actors increasing from 33% to 56% over the analysis period.
Furthermore, the report indicated a decline in AI-assisted phishing activities but a surge in AI use for post-compromise tasks such as account discovery and system navigation within compromised networks. It warned of cyberattacks becoming more self-sufficient, with attackers employing AI systems to string together various attack stages with minimal human involvement. The report also pointed out that traditional methods of assessing attacker sophistication are becoming less reliable due to AI empowering less skilled actors to execute technically complex operations.
Additionally, the report underscored the inadequacy of existing cybersecurity frameworks like MITRE ATT&CK in fully addressing AI-enabled threats, especially those involving AI agents capable of independent tactical decision-making and attack orchestration. It emphasized the rapid evolution of AI capabilities reshaping cyber threats globally and posing new challenges for cybersecurity defenders.
