AI systems are not yet capable of conducting fully autonomous cyberattacks, but they are increasingly aiding criminals in various stages of the attack process, according to the International AI Safety report. This second annual report, led by Canadian computer scientist Yoshua Bengio and involving over 100 experts from 30 countries, highlights significant advancements in AI’s role in cybercrime.
AI’s Evolving Role in Cybercrime
The report notes that AI tools have improved markedly in their ability to assist with automating cyberattacks. A concerning example is detailed in Anthropic’s November 2025 report, which revealed that Chinese cyberspies exploited its Claude Code AI tool to automate numerous aspects of attacks against approximately 30 high-profile organizations, including government entities. These attacks reportedly succeeded in a limited number of instances.
Human Oversight Still Necessary
While there has been at least one confirmed incident involving semi-autonomous cyber capabilities, where human intervention was required at critical decision points, the report emphasizes that fully autonomous end-to-end attacks have not been documented. AI’s current limitations mean that it struggles to execute complex, multi-stage attacks without human assistance.
Vulnerability Scanning and Malware Development
AI systems are particularly effective in two areas: identifying software vulnerabilities and generating malicious code. During DARPA’s AI Cyber Challenge (AIxCC), finalist AI models autonomously detected 77% of synthetic vulnerabilities used in the final scoring round. Although this showcases AI’s potential for defensive applications, criminals are similarly leveraging these capabilities. For instance, attackers on underground forums have claimed to use HexStrike AI, an open-source red-teaming tool, to target critical vulnerabilities in Citrix NetScaler appliances shortly after they were disclosed.
Current Limitations of AI in Cyberattacks
Despite the advancements, the report indicates that AI systems still face challenges in executing long, multi-stage attack sequences. Issues such as executing irrelevant commands, losing track of operational states, and failing to recover from simple errors without human intervention hinder their effectiveness in autonomous attacks. The report’s authors caution that while the threat of AI-assisted cybercrime is growing, the complete automation of cyberattacks remains a future concern rather than an immediate reality.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
