At this year’s RSA Conference in San Francisco, top cybersecurity executives delivered a sobering message: AI-fueled attacks are advancing faster than defenses can adapt.
“Adversaries no longer break in-they log in,” said Brian Contos, Field CISO at Mitiga Inc., highlighting how threat actors now use AI-generated deepfakes and synthetic identities to bypass hiring checks and gain trusted access inside global firms.
Cloudflare confirmed AI is accelerating insider threats, with attackers fabricating personas that pass background screenings and then exfiltrate intellectual property. “They can pretty much use their company account to do anything,” said Blake Darché, Cloudflare’s head of Threat Intelligence.
A recent supply chain breach targeting Trivy-an open-source DevSecOps tool-illustrates the expanding battlefield. Attackers injected “infostealer” malware into legitimate software updates, compromising over 1,000 SaaS environments, with thousands more expected to be impacted. Mandiant’s CTO Charles Carmakal called it a “downstream avalanche.”
Meanwhile, vulnerabilities in agentic AI platforms like OpenClaw expose enterprises to takeover. Ken Huang of the OWASP AIVSS Project warned of a “lethal trifecta”: private data, untrusted content, and external communication-all converging in poorly secured AI agents.
DDoS attacks have surged 730% in 15 months, supercharged by AI-driven botnets like Aisuru, capable of launching 30+ terabit-per-second assaults. The U.S. Department of Justice recently disrupted Aisuru and three other global botnets.
In response, companies are turning AI against itself. Google announced an “active defense” strategy combining legal action, technical takedowns, and hardened platforms. Zscaler and Snowflake are embedding AI-aware security controls to monitor agentic workflows and data access.
“It’s AI for security and security for AI,” said Snowflake CISO Brad Jones.