SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Flux result e629ad3f 3af2 4c08 8bc9 c805359755b9
#
Digital Transformation
#
Network Security
#
Cloud Security

AI tools widen cyber attack threat, Flashpoint warns

Sat, 25th Apr 2026 (Today)
Author image
By Joseph Gabriel Lagonsin, News Editor

Advances in artificial intelligence are widening the range of cyber attack techniques available to threat actors, according to Flashpoint. The threat intelligence firm said illicit discussion of AI tools rose sharply at the end of 2025.

It assessed that the spread of more advanced AI systems is increasing attacker capability and lowering the barrier to entry for some forms of offensive activity, especially vulnerability discovery and analysis. Unauthorised access to such models creates risks through direct misuse, as well as through experimentation and adaptation by threat actors incorporating these systems into operational workflows.

Flashpoint recorded a 1,500% surge in illicit AI-related discussions between November and December 2025. The finding points to a rapid uptake of AI by threat actors seeking to automate or speed up parts of the attack chain.

Compressed timelines

AI-assisted processes are likely to shorten the time between the identification of a vulnerability and attempts to exploit it, the assessment said. That builds on patterns Flashpoint has already observed, with some vulnerabilities being exploited in the wild as little as 24 hours after discovery.

That leaves security teams with less time to decide whether a newly disclosed flaw is relevant to their systems, how serious it is and what action to take. Flashpoint said the growing volume of findings will make prioritisation more important, particularly when organisations cannot patch or mitigate every exposure at once.

Ian Gray, Vice President of Intelligence at Flashpoint, said AI is changing the pace and scale of work that was once more labour-intensive.

"Access to advanced AI models raises the stakes on what threat actors can potentially execute. Tasks like analyzing large codebases or identifying exploitable weaknesses, which previously required significant time and expertise, can now be done faster and at greater scale. That escalates the threat landscape for organizations, as the gap between vulnerability discovery and potential exploitation continues to narrow," Gray said.

Older flaws

Flashpoint also warned that older vulnerabilities could return to prominence as AI systems are applied to legacy codebases. In practice, that could mean previously overlooked, dormant or lower-priority weaknesses are re-examined and, in some cases, turned into workable routes for intrusion.

Gray said this could reshape how companies think about technical debt and historical risk.

"One of the more immediate impacts is how AI changes the way vulnerabilities are surfaced and revisited. These models can analyze legacy code at scale, which increases the likelihood that older or previously overlooked issues are rediscovered and re-evaluated. For organizations, that means exposures that were deprioritized or assumed low risk may re-enter the threat landscape with little warning," Gray said.

Flashpoint said defenders should also prepare for wider variation in attacker sophistication. Actors with less technical skill may be able to use more advanced tools to identify and act on vulnerabilities more efficiently than before.

That shift could blur the distinction between highly capable groups and lower-level operators in some areas of offensive cyber activity. If AI tools reduce the expertise needed for reconnaissance, code analysis or exploit development, the number of actors able to take part in such activity may increase.

Coverage gaps

At the same time, AI-driven analysis will not remove blind spots, Flashpoint said. Visibility gaps are likely to remain in areas where models have limited access, including closed-source systems, cloud infrastructure and embedded technologies, meaning organisations will still need other sources of intelligence.

Flashpoint said response models should be grounded in real-world threat activity rather than raw volume alone. As more vulnerabilities are discovered and more potential attack paths emerge, security teams will face pressure to separate signal from noise and direct resources towards the exposures most likely to be used.

Gray said the shift calls for a faster, more disciplined response from defenders.

"As these capabilities evolve, organizations should plan for increased variability in attacker sophistication and speed. A broader range of actors can identify and act on vulnerabilities more efficiently, which places pressure on how quickly teams can assess and respond. Security programs should align their response to real-world threat activity to maintain operational effectiveness. Fortunately, it's heartening how the industry has come together to ensure defenders take a 'one team, one fight' approach to stay ahead," Gray said.

Related stories
Vodafone & Google Cloud launch AI & security tools
ISACA launches AI risk certification amid governance gap
Turning security into a story: How managed service providers use reporting to drive retention and revenue
Barracuda spots 7 million device code phishing attacks
CommBank deploys AI to spot emerging fraud patterns

Top stories

AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack
Automotive microcontroller market set to hit USD $15.1bn