In the News

ITBrief: Agentic AI widens cyber risk as attackers speed up

Written by Rosa Lear | Jul 10, 2026 3:30:13 PM

This article was originally posted here. 

Security researchers and industry executives are warning that agentic artificial intelligence is reshaping cyber risk on both sides of the attack-defence divide. Recent incidents and legal disputes are exposing governance gaps across software development pipelines and cloud environments.

A string of disclosures in recent weeks has shown how attackers already use AI systems to compress attack timelines, automate reconnaissance, and exploit new classes of vulnerability, while defenders struggle to oversee autonomous tooling and AI-generated threat intelligence.

In one case, a newly documented technique showed how adversaries can misuse coding assistants such as Claude Code and seemingly legitimate repositories to compromise developer machines without breaching conventional perimeter controls. The method relies on persuading an AI agent to trust and execute content from a malicious source within a development workflow.

...

Gidi Cohen, Chief Executive Officer and Co-Founder of Bonfy.AI, said the dispute underscored the need for accountability and human oversight when AI influences threat assessments.

"The MeetingTV lawsuit should be a wake-up call: when threat intelligence is generated or enriched by AI, the stakes are no longer just technical accuracy. They include business continuity and reputational harm for real companies caught in the blast radius. This case highlights three responsibilities that security leaders and researchers can't ignore.

First, AI-assisted analysis does not remove the obligation to validate findings with human judgment, especially when those findings can lead to long-term blocking of a legitimate service. 'Protected speech' in research doesn't absolve us from doing the hard work of verification.

Second, the industry needs a clearer accountability model for distributed threat intelligence. Once a label is published, it is replicated across hundreds of feeds and controls, yet there is still no standard process, or SLA, for correcting mistakes and propagating those fixes downstream.

Third, we have to treat false positives in AI-era threat intelligence as real incidents, not minor collateral damage. For a SaaS business, being silently tagged as malicious can have the same practical impact as a sustained DDoS attack or a major outage, and our governance models should reflect that.

Regardless of the legal outcome, the lesson is straightforward: if we use AI in security research, we must pair it with rigorous review, transparent methodology, and fast, industry-wide remediation when we get it wrong. Without that, AI doesn't just help us find threats-it risks becoming one," Cohen said.

Read the full article here.