International AI Safety Report: AI Now Provides 'Meaningful

Executive Summary

The second International AI Safety Report, released in February 2026, provides the most authoritative scientific assessment to date of AI's role in cybersecurity — both offensive and defensive. The key finding: AI systems can now provide "meaningful assistance" to attackers at multiple stages of the cyberattack chain.

This isn't speculation — it's a peer-reviewed scientific consensus from researchers across multiple countries.

Key Findings

AI in the Attack Chain

The report identifies specific stages where AI provides measurable assistance to attackers:

Attack Stage	AI Assistance Level	Evidence Strength
Vulnerability discovery	High	Strong
Exploit development	Moderate	Growing
Phishing content generation	High	Strong
Social engineering	High	Strong
Attack planning	Moderate	Moderate
Evasion techniques	Moderate	Growing
Target reconnaissance	Moderate	Moderate

The Vulnerability Discovery Gap

The report's most significant finding: AI systems demonstrate strong capability in software vulnerability discovery. This has immediate implications:

The window between a vulnerability existing in code and being discovered by an attacker is shrinking. AI-assisted fuzzing and code analysis can identify flaws faster than traditional manual review.

For defenders, this means:

Patch faster — Expect exploitation timelines to compress further
Shift left — AI-assisted code review during development becomes critical
Assume breach — Zero-trust architecture is no longer optional

The Deepfake Dimension

The report flags growing concern around AI-generated deepfakes used for:

CEO fraud — AI-generated voice calls authorizing wire transfers
Video impersonation — Deepfake video calls bypassing identity verification
Synthetic identities — AI-generated personas for long-term social engineering campaigns

Scale of the Problem

Deepfake Type	Difficulty to Create	Detection Difficulty
Text (email/chat)	Very low	Very high
Audio (voice clone)	Low	High
Image (face swap)	Low	Medium
Real-time video	Medium	Medium-High
Interactive video call	High	Very high

CISO Response: AI-Driven Defense

The report comes as security leaders are pivoting hard toward AI-driven defense:

80% of CISOs now prioritize AI-driven security solutions (Glilot Capital Partners survey)
Microsoft has released new research on detecting backdoors in open-weight language models
A practical scanner for identifying backdoored AI models is now available at scale

The Defense Advantage

While the report focuses on offensive AI capabilities, it also notes that defenders have structural advantages:

Data access — Defenders have more telemetry and training data from their own environments
Integration — AI defense tools integrate with existing security infrastructure
Continuous monitoring — Defensive AI operates 24/7, not in bursts
Vendor ecosystem — Major security vendors are investing heavily in AI capabilities

Practical Implications

For Security Teams

Accelerate AI adoption — Deploy AI-powered security tools for:
- Behavioral anomaly detection (UEBA)
- Automated threat hunting
- Real-time phishing detection
- Code vulnerability scanning
Update threat models — Include AI-assisted attacks in tabletop exercises and risk assessments
Deepfake defenses — Implement:
- Out-of-band verification for sensitive requests
- Code words for financial transactions
- Multi-person authorization for large transfers
- Deepfake detection tools for video calls
AI model security — If using AI/ML internally:
- Scan open-weight models for backdoors before deployment
- Monitor model behavior for drift or adversarial manipulation
- Maintain model inventory and version control

For CISOs

Budget for AI security tools — The ROI case is stronger than ever
Hire AI security expertise — Build or acquire skills in AI threat assessment
Engage with AI safety initiatives — Participate in industry working groups on responsible AI
Report AI-assisted incidents — Share intelligence about AI-enabled attacks with ISACs

The Bottom Line

The 2026 AI Safety Report makes the case that the AI security arms race is no longer theoretical — it's happening now. Organizations that fail to integrate AI into their defensive capabilities will find themselves at an increasing disadvantage against AI-equipped attackers.

The good news: the same AI capabilities that enhance attacks can be turned to defense. The question is whether your organization is moving fast enough.

Sources

Executive Summary

This isn't speculation — it's a peer-reviewed scientific consensus from researchers across multiple countries.

Key Findings

AI in the Attack Chain

The report identifies specific stages where AI provides measurable assistance to attackers:

Attack Stage	AI Assistance Level	Evidence Strength
Vulnerability discovery	High	Strong
Exploit development	Moderate	Growing
Phishing content generation	High	Strong
Social engineering	High	Strong
Attack planning	Moderate	Moderate
Evasion techniques	Moderate	Growing
Target reconnaissance	Moderate	Moderate

The Vulnerability Discovery Gap

The report's most significant finding: AI systems demonstrate strong capability in software vulnerability discovery. This has immediate implications:

The window between a vulnerability existing in code and being discovered by an attacker is shrinking. AI-assisted fuzzing and code analysis can identify flaws faster than traditional manual review.

For defenders, this means:

Patch faster — Expect exploitation timelines to compress further
Shift left — AI-assisted code review during development becomes critical
Assume breach — Zero-trust architecture is no longer optional

The Deepfake Dimension

The report flags growing concern around AI-generated deepfakes used for:

CEO fraud — AI-generated voice calls authorizing wire transfers
Video impersonation — Deepfake video calls bypassing identity verification
Synthetic identities — AI-generated personas for long-term social engineering campaigns

Scale of the Problem

Deepfake Type	Difficulty to Create	Detection Difficulty
Text (email/chat)	Very low	Very high
Audio (voice clone)	Low	High
Image (face swap)	Low	Medium
Real-time video	Medium	Medium-High
Interactive video call	High	Very high

CISO Response: AI-Driven Defense

The report comes as security leaders are pivoting hard toward AI-driven defense:

80% of CISOs now prioritize AI-driven security solutions (Glilot Capital Partners survey)
Microsoft has released new research on detecting backdoors in open-weight language models
A practical scanner for identifying backdoored AI models is now available at scale

The Defense Advantage

While the report focuses on offensive AI capabilities, it also notes that defenders have structural advantages:

Data access — Defenders have more telemetry and training data from their own environments
Integration — AI defense tools integrate with existing security infrastructure
Continuous monitoring — Defensive AI operates 24/7, not in bursts
Vendor ecosystem — Major security vendors are investing heavily in AI capabilities

Practical Implications

For Security Teams

Accelerate AI adoption — Deploy AI-powered security tools for:
- Behavioral anomaly detection (UEBA)
- Automated threat hunting
- Real-time phishing detection
- Code vulnerability scanning
Update threat models — Include AI-assisted attacks in tabletop exercises and risk assessments
Deepfake defenses — Implement:
- Out-of-band verification for sensitive requests
- Code words for financial transactions
- Multi-person authorization for large transfers
- Deepfake detection tools for video calls
AI model security — If using AI/ML internally:
- Scan open-weight models for backdoors before deployment
- Monitor model behavior for drift or adversarial manipulation
- Maintain model inventory and version control

For CISOs

Budget for AI security tools — The ROI case is stronger than ever
Hire AI security expertise — Build or acquire skills in AI threat assessment
Engage with AI safety initiatives — Participate in industry working groups on responsible AI
Report AI-assisted incidents — Share intelligence about AI-enabled attacks with ISACs

The Bottom Line

The good news: the same AI capabilities that enhance attacks can be turned to defense. The question is whether your organization is moving fast enough.

International AI Safety Report: AI Now Provides 'Meaningful

Affected Products

Executive Summary

Key Findings

AI in the Attack Chain

The Vulnerability Discovery Gap

The Deepfake Dimension

Scale of the Problem

CISO Response: AI-Driven Defense

The Defense Advantage

Practical Implications

For Security Teams

For CISOs

The Bottom Line

Sources

CVE-2026-27856: Dovecot doveadm Timing Oracle Enables Credential Recovery

CVE-2026-27876 — Grafana Critical RCE via SQL Expression Chain

CVE-2026-30303 — Axon Code OS Command Injection via Whitelist Bypass

International AI Safety Report: AI Now Provides 'Meaningful

Affected Products

Executive Summary

Key Findings

AI in the Attack Chain

The Vulnerability Discovery Gap

The Deepfake Dimension

Scale of the Problem

CISO Response: AI-Driven Defense

The Defense Advantage

Practical Implications

For Security Teams

For CISOs

The Bottom Line

Sources

CVE-2026-27856: Dovecot doveadm Timing Oracle Enables Credential Recovery

CVE-2026-27876 — Grafana Critical RCE via SQL Expression Chain

CVE-2026-30303 — Axon Code OS Command Injection via Whitelist Bypass

Affected Products

Executive Summary

Key Findings

AI in the Attack Chain

The Vulnerability Discovery Gap

The Deepfake Dimension

Social Engineering

Scale of the Problem

CISO Response: AI-Driven Defense

The Defense Advantage

Practical Implications

For Security Teams

For CISOs

The Bottom Line

Sources

Related Reading

Affected Products

Executive Summary

Key Findings

AI in the Attack Chain

The Vulnerability Discovery Gap

The Deepfake Dimension

Social Engineering

Scale of the Problem

CISO Response: AI-Driven Defense

The Defense Advantage

Practical Implications

For Security Teams

For CISOs

The Bottom Line

Sources

Related Reading