From the Summer 2026 Issue

Cybersecurity Risks and Artificial Intelligence

Connie Uthoff
Program Director, Cybersecurity Strategy and Information Management (CSIM) Program | The George Washington University College of Professional Studies

Regarded as a pioneer of artificial intelligence (AI) and a recipient of the 2024 Nobel Prize in Physics, Geoffrey Hinton recently warned the public about the growing risks associated with advanced AI systems.[1] In his Nobel Prize banquet speech, Hinton expressed ways that AI could positively change the world. However, he also cautioned that emerging AI systems could cause significant societal and security disruptions worldwide.[2] AI, he warned, could be extremely damaging, especially if the systems are not developed or managed responsibly.[3]

The advancement of AI has generated both optimism and concern across the public and private sectors, given its potential to enhance society as well as the evolving risks it poses.[4] Some experts note that AI will enhance organizational efficiency and improve cybersecurity,[5] while others argue that AI adoption has already introduced security challenges that many will struggle to manage effectively.[6]

Much like Hinton, industry leaders warn that, despite its potential, AI is creating new opportunities for exploitation, while also increasing attack surfaces and security challenges.[7] In fact, according to 2026 threat reporting, adversaries have already leveraged AI in cyberattacks. They have increased AI-enabled operations and have used AI in reconnaissance, credential theft, social engineering, and evasion. AI-generated phishing emails, synthetic voice communications, and automated targeting now allow attackers to conduct more convincing and scalable campaigns than ever before.[8]

AI systems themselves are also vulnerable to prompt injections, model poisoning, and manipulation of external APIs.[9] MITRE ATLAS documents these weaknesses through real-world observations and case studies.[10] Global threat reports similarly show that attackers are using AI to support and scale cyber campaigns, bypass safeguards, and manipulate chatbot behavior. As AI adoption accelerates across organizations, there is growing pressure to defend not only against AI-enabled attacks but also against the compromise of the AI systems themselves. Figure 1 illustrates this expanding AI cyber threat landscape.

Figure 1. The Emerging AI Cyber Threat Ecosystem

AI-Related Cybersecurity Incidents

Over the past year, there has been a growing number of AI-related cybersecurity incidents, reflected in Figure 2, indicating that cybersecurity concerns associated with AI are no longer hypothetical, but a very real, expanding security threat.

For example, in November 2025, Anthropic identified an AI-orchestrated cyber campaign involving agentic AI systems.[11] According to threat reports, a Chinese state-sponsored threat group manipulated Anthropic’s Claude Code platform to conduct cyber operations against approximately thirty international targets.[11] The targets included technology companies, financial institutions, chemical manufacturers, and government agencies.[11] This campaign demonstrated how AI systems can support reconnaissance, operational planning, and coordinated cyber activity with limited human intervention. Earlier in 2025, Anthropic also reported that malicious actors used Claude to target healthcare organizations, government entities, and other sectors. Claude assisted threat actors with automated reconnaissance, network penetration, and the crafting of ransom pricing and communication.[11]

These were not isolated attacks. Nor did attacks subside. Later, in February 2026, Anthropic identified three Chinese AI labs attempting to steal Claude’s capabilities to train their own models.[12] This is especially concerning because foreign competitors that steal advanced U.S.-developed AI systems could use them to advance their own intelligence collection, surveillance, or offensive cyber operations.[13]

In a separate campaign in February 2026, a hacker exploited an Anthropic chatbot and breached various Mexican government agencies.[14] Researchers found that the attacker used more than 1,000 prompts to direct Claude Code to generate exploits and automate exfiltration. This incident offers additional insight into how threat actors can manipulate AI systems and the scale and speed at which AI systems can be adapted for offensive cyber operations. These systems may also lower the technical barrier for sophisticated attacks, increasing the chance that less advanced threat actors could conduct operations that previously required specialized cyber expertise.[15]

Threat actors have also targeted AI and cloud development supply chains.[16] One example was announced by the Cybersecurity and Infrastructure Security Agency (CISA) on September 23, 2025.[17] In this attack, a self-replicating worm known as Shai-Hulud spread through developer platforms and compromised more than 500 software packages.[18] These packages were used by AI model developers, enterprise software vendors, and cloud service providers.[19] These incidents illustrate how adversaries can compromise software that organizations assume is safe.[20] Much like the SolarWinds breach, attacks against trusted software vendors create significant security risks across government, critical infrastructure, and private industry.

Though adversaries are using AI in myriad ways to enhance their capabilities, a 2026 global survey of more than 3,300 IT and cybersecurity leaders found that 90% of organizations believed AI would strengthen cybersecurity operations, yet only 8% reported being operationally prepared to deploy AI security systems effectively.[21] The survey also found that many organizations continue to struggle with basic cybersecurity practices and with implementing Zero Trust.[21]

This gap between AI capabilities and organizational readiness has raised heightened concerns across government and industry. In early 2026, researchers and policymakers warned that some AI models can identify vulnerabilities faster than organizations can patch them.[22] Subsequent reports about Anthropic’s Mythos model and OpenAI-related cyber capabilities reinforced these concerns.[23] Palo Alto Networks reported that AI systems identified 75 vulnerabilities in their products in a single month.[24] Google’s Threat Intelligence Group also discovered a zero-day exploit, which they argue was the first developed with AI. These and additional developments reflect how AI-enabled cyber operations have advanced, evolving from isolated use toward a more systematic adoption of AI in cyber campaigns.[25]

Anthropic’s Project Glasswing initiative is one response to key challenges around AI use.[26] According to Anthropic, its Claude Mythos model can identify and exploit thousands of software vulnerabilities across major operating systems, including zero-days and software flaws that have been undetected for years.[27] Because of the national security implications, Anthropic launched a cybersecurity initiative called Project Glasswing and provided multiple selected organizations, including Amazon, Microsoft, Nvidia, CrowdStrike, Verizon, and Apple, access to the Claude Mythos Preview model for defensive cybersecurity purposes.[28]

In addition, government officials and regulators in the United States, Australia, Britain, Canada, and the European Union stress that the risks associated with advanced AI cyber models, such as Mythos, could accelerate cyber exploitation against critical systems and infrastructure.[29] These and other stakeholders also called for closer evaluation of the implications of AI-enabled vulnerability discovery and automated cyber operations.[30] To address immediate security concerns and enable more companies to protect their enterprises, in May 2026, Anthropic said it would allow Glasswing participants to share threat information, vulnerability findings, and defensive insights with other organizations facing similar risks. Using this approach as an illustration, as AI advances, initiatives like Project Glasswing could potentially strengthen cyber defense if used to collectively improve threat intelligence sharing, vulnerability remediation, and coordination across government and industry.[28]

Figure 2. Timeline of AI-Related Cybersecurity Incidents (2025–2026)

Figure 2. Timeline of major AI-related cybersecurity incidents between 2025 and 2026, including AI-assisted cyber campaigns, supply-chain compromises, and exploitation of AI systems.

Emerging Trends and Future Implications of AI in Cybersecurity

Advances in AI, recent threat campaigns, and uneven cybersecurity practices reflect several expanding and worrisome trends across both the public and private sectors. Though enterprises are using AI in defense, AI is also creating new security exposures across cloud environments, software supply chains, and critical systems.[31] This is troubling because as organizations become increasingly dependent on AI-enabled systems, the compromise of a single trusted platform or software dependency could cascade across multiple sectors simultaneously.[32] Despite the warnings, researchers find that governance, workforce readiness, and cybersecurity protections are still developing more slowly than AI capabilities themselves.[33]

Today, many organizations are addressing AI-related cyber risks through frameworks and approaches such as Zero Trust architecture, AI red teaming, workforce development, and improved monitoring.[34] However, some of these approaches may soon be outdated. Initiatives such as Anthropic’s Project Glasswing suggest that cybersecurity may be entering a fundamentally different era.[35] The AI systems capable of discovering vulnerabilities at machine speed will likely reshape how organizations conduct cyber defense.[36] Traditional approaches to patching, incident response, and human-led vulnerability management may become increasingly insufficient in environments where AI systems can identify and exploit vulnerabilities faster than organizations can remediate them. The long-term challenge may no longer be whether organizations adopt AI, but whether they can adapt quickly enough to manage advancing AI capabilities. The strategic implications extend beyond cybersecurity alone. These advances also raise questions around economic stability, critical infrastructure resilience, military readiness, intelligence operations, and geopolitical competition between nations.

AI offers opportunities for innovation and improved cybersecurity. However, with these advances, governments and industry must proceed with caution.

As AI systems become increasingly autonomous and interconnected, threat actors will continue their attempts to compromise them, testing security in the process. Successful AI integration will depend on whether organizations and nations can effectively manage the risks associated with these technologies while still fostering innovation and progress.[37] In addition, as AI advances, governance models will also need to keep pace. Emerging technology will require stronger public-private coordination and an evolving cybersecurity workforce to address the rapid changes in AI development and implementation.

In many ways, today’s challenges reflect similar foundational questions raised by early leaders of artificial intelligence, including Alan Turing, John McCarthy, and Geoffrey Hinton, who envisioned intelligent machines while also recognizing that advanced computational systems would fundamentally reshape society.[38] As AI advances, potentially impacting international security, those early questions are no longer theoretical. They are central to the future of cybersecurity, governance, and global stability.

Endnotes

  1. Nobel Prize Outreach AB. “The Nobel Prize in Physics 2024.” Geoffrey Hinton – Banquet speech – NobelPrize.org.; Reuters. “Nobel Physics Prize Won by AI Pioneers John Hopfield and Geoffrey Hinton.” Reuters, October 8, 2024.; Cable News Network (CNN). “Nobel Prize in Physics 2024 Awarded for Work on Artificial Intelligence to John Hopfield and Geoffrey Hinton.” CNN, October 8, 2024.
  2. Hinton, Geoffrey. “Banquet Speech.” Geoffrey Hinton – Banquet speech – NobelPrize.org, December 10, 2024.
  3. Hinton, Geoffrey. “Banquet Speech.” Geoffrey Hinton – Banquet speech – NobelPrize.org, December 10, 2024.; Reuters. “Nobel Physics Prize Won by AI Pioneers John Hopfield and Geoffrey Hinton.” Reuters, October 8, 2024.; Cable News Network (CNN). “Nobel Prize in Physics 2024 Awarded for Work on Artificial Intelligence to John Hopfield and Geoffrey Hinton.” CNN, October 8, 2024.
  4. Sivakumar, R. et al. “Emerging Artificial Intelligence Cyber Threats and Governance Challenges.” Cybersecurity Review Journal 11, no. 2 (2025): 88–105.; White House. National Policy Framework for Artificial Intelligence; President Trump’s Cyber Strategy for America. Washington, DC: Executive Office of the President, 2026.; Syed, R. “Artificial Intelligence and Evolving Cyber Threats.” Journal of Strategic Cyber Studies 6, no. 1 (2025): 14–29.
  5. Rane et al. “Artificial intelligence for enhancing resilience.” Journal of Applied Artificial Intelligence 5, no. 2 (2024): 1-33. Goffer, A., et al. “AI-enhanced cyber threat detection and response advancing national security in critical infrastructure.” Journal of Posthumanism 5, no. 3 (2025): 1667–1689.
  6. MITRE Corporation. MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems). McLean, VA: MITRE Corporation, 2025.; Google Cloud. “Secure your Agentic and Generative AI with Google Cloud.” Google Cloud, 2025.; Sivakumar, R. et al. “Emerging Artificial Intelligence Cyber Threats and Governance Challenges.” Cybersecurity Review Journal 11, no. 2 (2025): 88–105.
  7. CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Google Cloud. “Secure your Agentic and Generative AI with Google Cloud.” Google Cloud, 2025.; Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2026.
  8. Tiwari, S., et al. “AI-Powered Cyberattacks: A Comprehensive Study on Defending Against Evolving Threats.” Available at SSRN 5259363 (2023); Sivakumar, R. et al. “Emerging Artificial Intelligence Cyber Threats and Governance Challenges.” Cybersecurity Review Journal 11, no. 2 (2025): 88–105.; CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.
  9. National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). Gaithersburg, MD: U.S. Department of Commerce, 2023.; OWASP Foundation. OWASP Top 10 for Large Language Model Applications. OWASP Foundation, 2025; Google Cloud. “Securing AI.” Google Cloud, 2025.
  10. MITRE Corporation. MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems). McLean, VA: MITRE Corporation, 2025.; Anthropic. Project Glasswing. Anthropic, 2026.; Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2025.
  11. Project Glasswing. Anthropic, 2026. Anthropic, “Disrupting the First Reported AI-Orchestrated Cyber Espionage Campaign,” Anthropic, November 13, 2025, Anthropic Report. Anthropic, “Detecting and Countering Misuse of AI: August 2025,” Anthropic, August 27, 2025, https://www.anthropic.com/news/detecting-countering-misuse-aug-2025
  12. Project Glasswing. Anthropic, 2026; Financial Times. “How Cyber Security Is Changing in the Age of AI.” Financial Times, 2026. Anthropic, “Disrupting the First Reported AI-Orchestrated Cyber Espionage Campaign,” Anthropic, November 13, 2025, Anthropic Report. Anthropic, “Frontier Model Security Framework Update,” Anthropic, February 2026, https://www.anthropic.com; Jeffrey Dastin, “Chinese Companies Used Claude to Improve Own Models, Anthropic Says,” Reuters, February 23, 2026
  13. Project Glasswing. Anthropic, 2026.; MITRE Corporation. MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems). McLean, VA: MITRE Corporation, 2025. Jeffrey Dastin, “Chinese Companies Used Claude to Improve Own Models, Anthropic Says,” Reuters, February 23, 2026
  14. Arghire, Ionut. “Hackers Weaponize Claude Code in Mexican Government Cyberattack.” SecurityWeek, March 1, 2026.; Gambit Security Research. “A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report.” Balens Blog, 2026.
  15. IANS News. “Anthropic’s ‘Project Glasswing’ Exposes the Next Challenge for Vulnerability Management.” IANS Research, April 19, 2026.; Anthropic. Project Glasswing. Anthropic, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation and Initial Access.” Google Cloud Blog, May 11, 2026. Arghire, Ionut. “Hackers Weaponize Claude Code in Mexican Government Cyberattack.” SecurityWeek, March 1, 2026.; Gambit Security Research. “A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report.” Balens Blog, 2026
  16. Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation and Initial Access.” Google Cloud Blog, May 11, 2026; Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025.; Palo Alto Networks Unit 42. “Shai-Hulud Worm Compromises npm Ecosystem in Supply Chain Attack.” Unit 42 Threat Research, 2025; Microsoft Defender Security Research Team. “Mini Shai Hulud: Compromised @antv npm Packages Enable CI/CD Credential Theft.” Microsoft Security Blog, May 20, 2026.
  17. Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025.
  18. Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025.; Palo Alto Networks Unit 42. “Shai-Hulud Worm Compromises npm Ecosystem in Supply Chain Attack.” Unit 42 Threat Research, 2025.
  19. Dark Reading. “Supply Chain Worms in 2026: What Shai-Hulud Taught Attackers and How to Prepare.” Dark Reading, December 22, 2025. Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025.; Palo Alto Networks Unit 42. “Shai-Hulud Worm Compromises npm Ecosystem in Supply Chain Attack.” Unit 42 Threat Research, 2025.
  20. Microsoft Defender Security Research Team. “Mini Shai Hulud: Compromised @antv npm Packages Enable CI/CD Credential Theft.” Microsoft Security Blog, May 20, 2026.; CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Palo Alto Networks. “Artificial Intelligence Threats and Software Supply-Chain Risks.” Palo Alto Networks, 2025.
  21. Zoho Corporation. Zoho State of Workforce Password Security Report 2026. Zoho Corporation, 2026.
  22. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026.; Gold, Ashley. “Scoop: Lawmakers Press White House to Act on AI Cyber Threats.” Axios, 2026. CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog
  23. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026; Financial Times. “How Cyber Security Is Changing in the Age of AI.” Financial Times, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog, May 11, 2026. Fortune. “Anthropic’s Mythos Reveals Security Gap: AI Finds Flaws Far Faster Than Companies Can Patch Them.” Fortune, April 14, 2026.
  24. Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2025. Sabin, Sam. “Exclusive: Palo Alto Networks says new AI models found 7x more vulnerabilities.” Axios, 2026.
  25. Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog, May 11, 2026; CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Subin, Samantha. “Palo Alto: AI-Driven Cyberattacks Will Be the ‘New Norm’ in Months.” CNBC, 2026.; Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2025.
  26. Project Glasswing. Anthropic, 2026. Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog, May 11, 2026; CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Subin, Samantha. “Palo Alto: AI-Driven Cyberattacks Will Be the ‘New Norm’ in Months.” CNBC, 2026.; Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2025
  27. Project Glasswing. Anthropic, 2026.; Forbes. “Five Reasons Anthropic Kept Its Cybersecurity Breakthrough Invite-Only.” Forbes, April 8, 2026.; IANS News. “Anthropic’s ‘Project Glasswing’ Exposes the Next Challenge for Vulnerability Management.” IANS Research, April 19, 2026.
  28. Project Glasswing. Anthropic, 2026.; Reuters. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026.
  29. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026; Financial Times. “How Cyber Security Is Changing in the Age of AI.” Financial Times, 2026.
  30. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog, May 11, 2026.
  31. Project Glasswing. Anthropic, 2026.; CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation and Initial Access.” Google Cloud Blog, May 11, 2026.; Palo Alto Networks. “2026 Unit 42 Global Incident Report.” Palo Alto Networks, 2026.
  32. MITRE Corporation. MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems). McLean, VA: MITRE Corporation, 2025.; Microsoft Defender Security Research Team. “Mini Shai Hulud: Compromised @antv npm Packages Enable CI/CD Credential Theft.” Microsoft Security Blog, May 20, 2026.; Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025.
  33. National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). Gaithersburg, MD: U.S. Department of Commerce, 2023.; Organization for Economic Co-operation and Development (OECD). “AI Principles Overview.” OECD AI Policy Observatory, 2024.; CyberRisk Alliance, “Organizations Slow to Transition to Zero Trust Framework,” CyberRisk Alliance, October 18, 2022; ISC2, “2025 ISC2 Cybersecurity Workforce Study,” ISC2, December 4, 2025; “Is Your Zero Trust Model Prepared for Modern Threats?” ITPro, March 2026
  34. National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). Gaithersburg, MD: U.S. Department of Commerce, 2023; Organization for Economic Co-operation and Development (OECD). “AI Principles Overview.” OECD AI Policy Observatory, 2024.; OWASP Foundation. OWASP Top 10 for Large Language Model Applications. OWASP Foundation, 2025; Google Cloud. “Securing AI.” Google Cloud, 2025.
  35. IANS News. “Anthropic’s ‘Project Glasswing’ Exposes the Next Challenge for Vulnerability Management.” IANS Research, April 19, 2026.; Anthropic. Project Glasswing. Anthropic, 2026.
  36. Project Glasswing. Anthropic, 2026.; Reuters. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026.; Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations and Initial Access.” Google Cloud Blog, May 11, 2026.
  37. National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). Gaithersburg, MD: U.S. Department of Commerce, 2023.; Organization for Economic Co-operation and Development (OECD). “AI Principles Overview.” OECD AI Policy Observatory, 2024.; White House. National Policy Framework for Artificial Intelligence; Cyber Strategy for America. Washington, DC: Executive Office of the President, 2026.
  38. Turing, Alan M. “Computing Machinery and Intelligence.” Mind 59, no. 236 (1950): 433–460.; McCarthy, John, Marvin Minsky, Nathaniel Rochester, and Claude Shannon. A Proposal for the Dartmouth Summer Research Project on Artificial Intelligence. Hanover, NH: Dartmouth College, 1955.; Hinton, Geoffrey. “Banquet Speech.” NobelPrize.org, December 10, 2024.

Bibliography

Abbass, Hussein A. “Social Integration of Artificial Intelligence: Functions, Automation Allocation Logic and Human-Autonomy Trust.” Cognitive Computation 13, no. 3 (2021): 612–622.

Anthropic, “Detecting and Countering Misuse of AI: August 2025,” Anthropic, August 27, 2025, https://www.anthropic.com/news/detecting-countering-misuse-aug-2025

Anthropic. Threat Intelligence Report on AI-Enabled Cyber Operations: Disrupting the First Reported AI-Orchestrated Cyber Espionage Campaign. Anthropic Security Research, 2025. Full report: Disrupting the first reported AI-orchestrated cyber espionage campaign

Anthropic. Project Glasswing. Anthropic, 2026. Project Glasswing \ Anthropic

Arghire, Ionut. “Hackers Weaponize Claude Code in Mexican Government Cyberattack.” SecurityWeek, 2026. Hackers Weaponize Claude Code in Mexican Government Cyberattack – SecurityWeek

Cable News Network (CNN). “Nobel Prize in Physics 2024 Awarded For Work on Artificial Intelligence to John Hopfield and Geoffrey Hinton.” CNN, October 8, 2024. Nobel Prize in physics 2024 awarded for work on artificial intelligence to John Hopfield and Geoffrey Hinton | CNN

CBS News. “Geoffrey Hinton on the Promise, Risks of Artificial Intelligence.” 60 Minutes, 2024. CBS News Interview Geoffrey Hinton on the promise, risks of artificial intelligence | 60 Minutes – CBS News

CrowdStrike. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries. CrowdStrike, 2026. 2026 CrowdStrike Global Threat Report: AI Accelerated Adversaries

CyberRisk Alliance. “Organizations Slow to Transition to Zero Trust Framework.” CyberRisk Alliance. October 18, 2022. CRA Study: Organizations Slow to Transition to Zero Trust Framework

Cybersecurity and Infrastructure Security Agency. “Widespread Supply Chain Compromise Impacting npm Ecosystem.” U.S. Department of Homeland Security, 2025. Widespread Supply Chain Compromise Impacting npm Ecosystem | CISA

Dastin, Jeffrey. “Chinese Companies Used Claude to Improve Own Models, Anthropic Says.” Reuters. February 23, 2026. Chinese AI companies ‘distilled’ Claude to improve own models, Anthropic says | Reuters

Dark Reading. “Supply Chain Worms in 2026: What Shai-Hulud Taught Attackers and How to Prepare.” Dark Reading, December 22, 2025. Supply Chain Worms 2026: Attackers & How to Prepare

European Commission. “NIS2 Directive: Securing Network and Information Systems.” Shaping Europe’s Digital Future, 2024. NIS2 Directive: securing network and information systems | Shaping Europe’s digital future

Financial Times. “How Cyber Security Is Changing in the Age of AI.” Financial Times, 2026. How cyber security is changing in the age of AI

Forbes. “Five Reasons Anthropic Kept Its Cybersecurity Breakthrough Invite-Only.” Forbes, April 8, 2026. Five Reasons Anthropic Kept Its Cybersecurity Breakthrough Invite-Only

Fortune. “Anthropic’s Mythos Reveals Security Gap: AI Finds Flaws Far Faster Than Companies Can Patch Them.” Fortune, April 14, 2026. Anthropic’s Mythos finds software flaws faster than companies can fix them | Fortune

Gambit Security Research. “A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report.” Balens Blog, 2026. A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report

Goffer, Mohammad Abdul, Md Salah Uddin, Syed Nazmul Hasan, Clinton Ronjon Barikdar, Jahid Hassan, Niropam Das, Partha Chakraborty, and Rakibul Hasan. “Ai-enhanced cyber threat detection and response advancing national security in critical infrastructure.” Journal of Posthumanism 5, no. 3 (2025): 1667-1689.

Google Cloud. “Secure your Agentic and Generative AI with Google Cloud.” Google Cloud, 2025. https://cloud.google.com/security/securing-ai

Google Threat Intelligence Group. “Adversaries Leverage AI for Vulnerability Exploitation and Initial Access.” Google Cloud Blog, May 11, 2026. Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog

Gold, Ashley. “Scoop: Lawmakers Press White House to Act on AI Cyber Threats.” Axios, 2026. Scoop: Lawmakers press White House to act on AI cyber threats

Hinton, Geoffrey. The Dangers of Artificial Intelligence and the Future of Machine Learning. University of Toronto, 2023.

Hinton, Geoffrey. “Banquet Speech.” NobelPrize.org, December 10, 2024. Geoffrey Hinton – Banquet speech – NobelPrize.org

IANS News. “Anthropic’s ‘Project Glasswing’ Exposes the Next Challenge for Vulnerability Management.” IANS Research, April 19, 2026. Contributors: Jake Williams and Summer Fowler, Anthropic’s ‘Project Glasswing’ Exposes the Next Challenge for Vulnerability Management

ISC2. “2025 ISC2 Cybersecurity Workforce Study.” ISC2. December 4, 2025. 2025 ISC2 Cybersecurity Workforce Study

McCarthy, John, Marvin Minsky, Nathaniel Rochester, and Claude Shannon. A Proposal for the Dartmouth Summer Research Project on Artificial Intelligence. Hanover, NH: Dartmouth College, 1955.

Microsoft Defender Security Research Team. “Mini Shai Hulud: Compromised @antv npm Packages Enable CI/CD Credential Theft.” Microsoft Security Blog, May 20, 2026. Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft | Microsoft Security Blog

Microsoft Threat Intelligence. “AI as Tradecraft: How Threat Actors Operationalize AI.” Microsoft Security Blog, March 6, 2026. AI as tradecraft: How threat actors operationalize AI | Microsoft Security Blog

MITRE Corporation. MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems). McLean, VA: MITRE Corporation, 2025. MITRE ATLAS™

National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). Gaithersburg, MD: U.S. Department of Commerce, 2023. https://www.nist.gov/itl/ai-risk-management-framework

Nobel Prize Outreach AB. “The Nobel Prize in Physics 2024.” NobelPrize.org, 2024. https://www.nobelprize.org/

O’Flaherty, Kate. “Is Your Zero Trust Model Prepared for Modern Threats?” ITPro, March 19, 2026. Is your zero trust model prepared for modern threats? | IT Pro

Organisation for Economic Co-operation and Development (OECD). “AI Principles Overview.” OECD AI Policy Observatory, 2024. AI Principles Overview – OECD.AI

OWASP Foundation. OWASP Top 10 for Large Language Model Applications. OWASP Foundation, 2025. OWASP Top 10 for Large Language Model Applications | OWASP Foundation

Palo Alto Networks. “2026 Unit 42 Global Incident Report” 2026 Unit 42 Global Incident Response Report – Palo Alto Networks

Palo Alto Networks Unit 42. “Shai-Hulud Worm Compromises npm Ecosystem.” Unit 42 Threat Research, 2025. “Shai-Hulud” Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26)

Rane, Nitin, Saurabh Choudhary, and Jayesh Rane. “Artificial intelligence for enhancing resilience.” Journal of Applied Artificial Intelligence 5, no. 2 (2024): 1-33.

Reuters. “Nobel Physics Prize Won by AI pioneers John Hopfield and Geoffrey Hinton.” Reuters, October 8, 2024. Nobel physics prize 2024 won by AI pioneers John Hopfield and Geoffrey Hinton | Reuters

Reuters. “Exclusive: U.S. Officials Weigh Cutting Deadlines to Fix Digital Flaws amid Worries over AI-Powered Hacking, Sources Say.” Reuters, 2026. Exclusive-US Officials Weigh Cutting Deadlines to Fix Digital Flaws Amid Worries Over AI-Powered Hacking, Sources Say

ReversingLabs. “Shai-Hulud npm Supply Chain Attack: What You Need to Know.” ReversingLabs, October 10, 2025. Shai-Hulud npm supply chain attack: What you need to know | RL Blog

Sabin, Sam. “Exclusive: Palo Alto Networks says new AI models found 7x more vulnerabilities.” Axios, 2026. Palo Alto Networks says Mythos, GPT-5.5 found 85 bugs in weeks

SecurityWeek. “Hackers Weaponize Claude Code in Mexican Government Cyberattack.” SecurityWeek, March 1, 2026. Hackers Weaponize Claude Code in Mexican Government Cyberattack – SecurityWeek

Sivakumar, R., et al. “Emerging Artificial Intelligence Cyber Threats and Governance Challenges.” Cybersecurity Review Journal 11, no. 2 (2025): 88–105.

Subin, Samantha. “Palo Alto: AI-Driven Cyberattacks Will Be the ‘New Norm’ in Months.” CNBC, 2026. Palo Alto: AI-driven cyberattacks will be the ‘new norm’ in months

Tiwari, Sudhakar, and Lalit Kumar. “AI-Powered Cyberattacks: A Comprehensive Study on Defending Against Evolving Threats.” Available at SSRN 5259363 (2023).

Turing, Alan M. “Computing Machinery and Intelligence.” Mind 59, no. 236 (1950): 433–460.

White House. Accelerating Federal Use of AI through Innovation, Governance, and Public Trust. Washington, DC: Executive Office of the President, 2025. White House AI Guidance Memorandum M-25-21-Accelerating-Federal-Use-of-AI-through-Innovation-Governance-and-Public-Trust.pdf

White House. National Policy Framework for Artificial Intelligence and Cyber Strategy for America. Washington, DC: Executive Office of the President, 2026. White House National Policy Framework for AI – Legislative Recommendations

Zoho Corporation. Zoho State of Workforce Password Security Report 2026. Zoho Corporation, 2026. Zoho Password Security Report 2026. Zoho State of Workforce Password Security Report 2026

Acknowledgements:

The author acknowledges the assistance of Grammarly in supporting editing review and ChatGPT in the creation of the images and endnote organization. The underlying research, analysis, and construction of the article were developed and written by the author (and preserved through editing).