Tech Industry News

Lead Analysts: Jeewan Singh Jalal, Dilsha Dines, Karthikeyan Dharmaraj

In just a couple years, deepfakes have gone from cartoonishly silly and largely academic exercises to sophisticated audio and video creations with the potential to trick just about anyone into believing they’re the real thing.

When geopolitical tensions rise, whether due to conflicts like the current one involving Iran or other global flashpoints, many organizations focus on physical security, supply chains, or political implications. But there is another battlefield that lights up almost immediately: the human mind.

Researchers at Push Security have analyzed a phishing platform used by organized criminal threat actors like ShinyHunters and BlackFile, finding more than 400 domains linked to attacks launched by the phishing kit.

The era of “typing into a box” is over. For years, we viewed artificial intelligence as a digital assistant—a sophisticated autocomplete tool that waited for human input. But according to Martin Kraemer, KnowBe4’s CISO Advisor for Europe and the Middle East, that dynamic has shifted. We have moved from asking AI questions to giving AI jobs.

Threat actors are increasingly augmenting their attacks with AI tools, according to researchers at Google’s Threat Intelligence Group (GTIG). For the first time, GTIG observed a threat actor using a zero-day exploit developed by AI, although Google blocked the attack before it succeeded. Threat actors also continue to use Large Language Models (LLMs) for research, reconnaissance, and malware development.

In 2024, we talked to AI. In 2026, AI is talking to our systems, our customers, and increasingly, acting on our behalf. With AI agents, we are moving AI from a tool to an actor, from assistance to agency and from outputs to actions. And that changes the nature of risk. AI agents plan, execute, and interact with the world on our behalf. They send emails, move data, trigger workflows, and increasingly operate across systems without human intervention.