About Offensive AI, Part II

Oh Boy, Oh Boy, what crazy times we live in.

12 months ago the fuss was all about MCP, then we saw the rise of agentic AI and skills in a short timeframe, and now it's all about agentic swarms, OpenClaw, personal agents, etc.

In June 2025 we published our first article, "No More Secrets: The Use of Offensive AI", which took a snapshot of the state of AI/LLM in offensive security at that time. Our conclusion was:

AI makes the good ones faster, attacks cheaper and the impact more precise. Also, AI is currently implemented into attack tools, which means no attack vectors will remain hidden, leading to a sharp increase of success rates.

At that moment, AI was supporting different stages of an attack without the ability to go beyond script kiddie level and execute complex tasks like recon, choosing the right attack paths, adjusting payloads, being as stealthy as possible, etc.

Now, just 9 months later, the landscape has changed drastically, with no end in sight.

Let me give some examples from just 2026 alone that show where AI in offensive security is heading:



PentAGI, an autonomous RedTeaming Agent

Anthropic disrupts AI espionage

In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves.

0-Day-Flood by AI expected

AI models can now find high-severity vulnerabilities at scale. Our view is this is a moment to move quickly—to empower defenders and secure as much code as possible while the window exists.

AWS: AI-augmented threat actor accesses FortiGate devices at scale

Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale. A recent investigation illustrates this shift: Amazon Threat Intelligence observed a Russian-speaking financially motivated threat actor leveraging multiple commercial generative AI services to compromise over 600 FortiGate devices

That is just a small selection, but the trend is clearly visible:

You will soon get attacked by a swarm of red teaming agents, at first at beginner level, but the systems will learn fast and reach senior level within a couple of months.

It’s High Time to get your external attack surface under control
