The AI Security Report 2026 says AI is increasingly being trusted to perform tasks once handled by human hackers, raising new concerns as businesses connect AI systems to internal tools and data.
Key Takeaways
Check Point says AI is starting to carry out parts of cyberattacks that once required skilled human hackers. The company cites incidents in which AI systems performed reconnaissance, exploitation, and credential theft, supporting its argument that AI has moved beyond its role as a coding assistant.
The tools that let AI systems interact with company data are still immature. Check Point found security weaknesses in 40% of the 10,000 Model Context Protocol (MCP) servers it analyzed, raising concerns about how quickly businesses are expanding AI access to internal systems.
AI coding tools increase the risk that employees will inadvertently expose company systems. Check Point found hundreds of public software packages containing Claude Code configuration files, some of which included live credentials.
Check Point Software says AI crossed an important threshold in cybersecurity. In its AI Security Report 2026, the company finds that AI is no longer simply helping attackers write code or search for vulnerabilities. Instead, it is increasingly carrying out parts of cyberattacks itself.
According to Check Point, AI systems are already performing parts of cyberattacks that once required skilled human operators, allowing attackers to automate more of the process.
“The most significant shift this report documents is not a new technique. It is pace,” Check Point wrote, arguing that AI is making cyberattacks faster, cheaper, and less dependent on human expertise.
AI takes on a larger role in attacks
Check Point says attackers are increasingly using AI to automate parts of cyberattacks that once required skilled human operators.
The report cites a Chinese-linked espionage campaign in which AI systems reportedly conducted much of the reconnaissance, exploitation, and credential theft across roughly 30 organizations. In another case, investigators reconstructed thousands of commands executed during a breach of Mexican government agencies.
Companies are giving AI more access to internal systems
Businesses are giving AI assistants broader access to internal systems, creating new security risks as the technology spreads across the enterprise.
Check Point found security weaknesses in 40% of the 10,000 Model Context Protocol, or MCP, servers it analyzed. MCP servers allow AI assistants to connect to company software, databases, and other tools.
AI coding tools are exposing sensitive information
The growing use of AI coding tools is creating new ways for companies to inadvertently expose sensitive information.
After scanning roughly 46,500 public software packages, Check Point discovered that 428 had accidentally exposed Claude Code settings files, some of which contained credentials that could provide access to internal systems and AI services.
Attackers are targeting AI infrastructure
As businesses rely more heavily on AI tools, attackers are increasingly targeting the systems and software that support them.
The report highlights GlassWorm, a self-propagating malware strain that hid within developer tools and spread across more than 150 software repositories. According to Check Point, the malware used AI-generated commit messages to blend in with legitimate development activity while stealing API keys and inserting malicious MCP servers.
Check Point’s AI Security Report 2026 draws on incident investigations, scans of ~46,500 public software packages, and an analysis of 10,000 MCP servers conducted by the company’s AI Security Research team.

