Cyber Threat Intel

Actively exploited zero‑days, critical product flaws, and weaponized LLM/AI‑agent attacks


Zero‑Days & AI Threats

The cyber threat landscape in 2026-2027 has entered a new, perilous phase characterized by the rapid, AI-accelerated weaponization of critical zero-day vulnerabilities and the emergence of autonomous, AI-driven attack agents targeting enterprise, cloud, operational technology (OT/ICS), and AI collaboration platforms. This convergence has enabled persistent espionage campaigns and large-scale network compromises, challenging traditional cybersecurity paradigms and demanding urgent, AI-native defensive strategies.


Industrial-Scale Weaponization of Critical Zero-Days Across Key Infrastructure

Zero-day exploits remain the primary enablers of stealthy, persistent cyber intrusions, with attackers leveraging AI-assisted automation to accelerate discovery, weaponization, and exploitation:

  • Cisco SD-WAN (CVE-2026-20127) has been exploited by sophisticated adversaries since 2023, enabling authentication bypass on Catalyst SD-WAN Manager. The prolonged exploitation, revealed by Cisco Talos and Techzine Global, allowed attackers to establish persistent footholds and conduct covert lateral movement within enterprise networks. The Five Eyes intelligence alliance issued an emergency directive urging immediate patching due to the critical risk.

  • Juniper Networks PTX routers (disclosed February 2026) suffer from a critical zero-day allowing full remote takeover without authentication. Given PTX routers' role as telecom and enterprise backbone infrastructure, this flaw poses severe risks to global network stability and supply chains, with attackers implanting persistent AI-driven backdoors.

  • SolarWinds Serv-U (CVE-2025-40538) vulnerabilities continue to be actively exploited, enabling remote command execution and facilitating wide-scale data exfiltration and supply chain compromises in organizations relying on SolarWinds’ managed file transfer services.

  • Microsoft SharePoint zero-days have compromised over 75 servers worldwide, predominantly in government and high-value enterprises. Attackers embed weaponized web shells and AI backdoors to maintain stealthy, persistent data exfiltration and lateral movement.

  • Qualcomm chipset firmware zero-days remain critical concerns, exploited to gain persistent control over mobile and embedded IoT devices, threatening consumer privacy and industrial OT systems.

These zero-day exploits demonstrate an unprecedented velocity and sophistication, compressing attacker timelines and outpacing traditional detection and patch management efforts.


Weaponized LLM/AI-Agent Attacks: Anthropic Claude Cloning Powers Autonomous Offense

The theft and cloning of Anthropic’s Claude large language model (LLM) have catalyzed a new class of AI-driven cyber offense with industrial-scale automation:

  • Israeli cybersecurity firm Gambit Security disclosed a breach where attackers exploited cloned Claude models to infiltrate Mexican government agencies, exfiltrating over 150GB of sensitive taxpayer data (195 million records). The autonomous AI agents powered by Claude clones execute complex, multi-stage attacks with dynamic privilege escalation and real-time evasion—often compromising targets within 30 minutes without human intervention.

  • Illicit AI marketplaces such as ClawHub and Moltbook facilitate the distribution of modular AI components, enabling polymorphic AI worms and self-coordinated autonomous attack chains that morph continuously to evade detection and propagate across decentralized, encrypted command-and-control networks.

  • Over 21,000 publicly exposed AI agent instances have been found actively soliciting SSH keys and sensitive credentials, representing a significant risk vector for lateral movement and persistent access inside enterprise environments.

  • Vulnerabilities in Anthropic’s AI collaboration tools and developer environments (e.g., Claude Code) allow remote code execution and API key exfiltration, further expanding the attack surface. Anthropic’s own security platform recently uncovered over 500 zero-day vulnerabilities across AI codebases, underscoring the vast, emerging risk landscape.


Expanding Attack Surfaces: Developer Ecosystems and Cloud Collaboration Under Siege

AI-augmented adversaries are aggressively exploiting weaknesses in cloud-native productivity suites, development pipelines, and collaboration platforms:

  • Developer tooling compromises are rampant:

    • Over 128 million Visual Studio Code users face risks from extensions vulnerable to cross-site scripting (XSS) and arbitrary code execution, enabling credential theft and remote code compromise.
    • The npm ecosystem suffers from polymorphic malware worms, including 19 typosquatting packages embedding stealthy backdoors like OpenClaw, which infiltrate CI/CD pipelines and AI-assisted coding environments.
    • GitHub Codespaces and Copilot workflows are abused via job-themed repository lures deploying multi-stage backdoors with automated privilege escalation and repository takeover capabilities. Microsoft has issued warnings urging vigilance against these repo lures.
  • Cloud collaboration platforms have become strategic attack vectors:

    • A China-backed APT group exploited Google Sheets’ scripting and macro features to deliver malicious payloads targeting U.S. organizations, weaponizing trusted SaaS tools to bypass endpoint defenses and automate lateral movement.
    • Microsoft SharePoint zero-days facilitate embedding AI-powered backdoors and covert command channels, threatening enterprise-wide security.

These developments highlight the blurring boundaries between traditional IT infrastructure and AI-powered development environments, creating complex, dynamic attack surfaces.


AI-Augmented Malware Families and Ransomware Campaigns

The fusion of AI capabilities with malware operations has produced more agile, scalable, and evasive threats:

  • The Steaelite RAT discovered by BlackFog uniquely combines data theft and ransomware management within a SaaS platform, leveraging AI for evasion and persistence. This lowers operational barriers for attackers, enabling dynamic control over stolen data and ransomware payloads.

  • North Korean state-backed groups have intensified AI-enabled reconnaissance and hyper-personalized phishing that deploys Medusa ransomware against U.S. healthcare and nonprofit sectors, causing severe operational disruptions.

  • Despite law enforcement actions such as the seizure of the RAMP ransomware forum, ransomware ecosystems demonstrate resilience, with at least two new forums emerging rapidly, maintaining high operational tempo.

  • Trend Micro reports reveal botnets increasingly integrate AI for automated reconnaissance, lateral movement, and payload delivery, industrializing botnet infrastructures as scalable attack platforms.

  • Other malware families, like ClickFix, have evolved by abusing Windows scripting hosts (e.g., mshta.exe) to stealthily execute payloads in hospitality and retail sectors, demonstrating attacker adaptability.
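
As an added illustration of how a defender would hunt for the mshta.exe abuse described above (example code written for this brief, not taken from any of the cited reports), the following Python screens process-creation records for mshta.exe launched with a remote URL, an inline javascript:/vbscript: payload, or an HTA file from a user-writable directory. The log lines, hostnames, paths and the key=value field layout are constructed assumptions; a real deployment would read EDR or Sysmon process-creation events instead.

```python
import re
from dataclasses import dataclass

# Constructed sample telemetry, not real data. The layout (key=value fields,
# quoted values allowed to contain spaces) is an assumption for this example.
SAMPLE_LOGS = [
    "ts=2026-02-20T10:01:02Z host=POS-07 image=C:\\Windows\\System32\\mshta.exe "
    "parent=C:\\Windows\\explorer.exe cmd=\"mshta.exe https://cdn.example.invalid/verify.hta\"",
    "ts=2026-02-20T10:02:15Z host=FD-03 image=C:\\Windows\\System32\\mshta.exe "
    "parent=C:\\Windows\\explorer.exe cmd=\"mshta.exe javascript:document.write('loading');close()\"",
    "ts=2026-02-20T10:03:40Z host=KIOSK-1 image=C:\\Windows\\System32\\mshta.exe "
    "parent=\"C:\\Program Files\\Vendor\\Launcher.exe\" cmd=\"mshta.exe C:\\Program Files\\Vendor\\ui.hta\"",
    "ts=2026-02-20T10:04:11Z host=FD-03 image=C:\\Windows\\System32\\notepad.exe "
    "parent=C:\\Windows\\explorer.exe cmd=\"notepad.exe https://notes.example.invalid\"",
    "ts=2026-02-20T10:05:09Z host=HR-12 image=C:\\Windows\\System32\\mshta.exe "
    "parent=C:\\Windows\\explorer.exe cmd=\"mshta.exe C:\\Users\\jdoe\\AppData\\Local\\Temp\\update.hta\"",
]

# key=value, where the value is either a double-quoted string or a run of non-space characters.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Indicators of mshta.exe being used as a script host rather than for a vendor-installed HTA.
URL_RE = re.compile(r"https?://", re.I)
SCRIPT_PROTO_RE = re.compile(r"\b(?:javascript|vbscript):", re.I)
USER_WRITABLE_RE = re.compile(r"\\(?:Users\\[^\\]+\\(?:AppData|Downloads)|Temp)\\", re.I)


@dataclass
class Finding:
    ts: str
    host: str
    reasons: list


def parse_record(line: str) -> dict:
    """Turn one key=value log line into a dict; quoted values keep their spaces."""
    return {key: quoted or bare for key, quoted, bare in FIELD_RE.findall(line)}


def assess(record: dict) -> list:
    """Return the list of reasons an mshta.exe launch looks suspicious (empty if benign or not mshta)."""
    image = record.get("image", "").rsplit("\\", 1)[-1].lower()
    if image != "mshta.exe":
        return []
    cmd = record.get("cmd", "")
    reasons = []
    if URL_RE.search(cmd):
        reasons.append("remote URL passed to mshta.exe")
    if SCRIPT_PROTO_RE.search(cmd):
        reasons.append("inline javascript:/vbscript: payload")
    if USER_WRITABLE_RE.search(cmd):
        reasons.append("HTA loaded from a user-writable directory")
    return reasons


def scan(lines) -> list:
    """Run the heuristics over every record and collect the hits in log order."""
    findings = []
    for line in lines:
        record = parse_record(line)
        reasons = assess(record)
        if reasons:
            findings.append(Finding(record.get("ts", ""), record.get("host", ""), reasons))
    return findings


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOGS):
        print(f"{hit.ts} {hit.host}: {'; '.join(hit.reasons)}")
```

The vendor kiosk launch of a locally installed HTA under Program Files is deliberately left unflagged so the rule stays usable in hospitality and retail fleets where signed HTA front-ends are common; tuning should start from an inventory of such legitimate parents rather than from blanket blocking of mshta.exe.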


Urgent Defensive Imperatives

In light of these rapidly evolving, AI-accelerated threats, organizations must adopt a multi-layered, AI-native cybersecurity posture emphasizing:

  • Prioritized and rapid patching of critical zero-days across Cisco SD-WAN, Juniper PTX routers, SolarWinds Serv-U, Microsoft SharePoint, Anthropic Claude, Qualcomm chipsets, BeyondTrust, Fortinet, VMware ESXi, and others to shrink exposure windows.

  • Universal multi-factor authentication (MFA) to prevent credential theft and constrain lateral attacker movement.

  • Adoption of zero-trust architectures and network microsegmentation to reduce attack surface and contain breaches.

  • Deployment of AI-augmented detection and response platforms capable of identifying polymorphic, autonomous, and AI-driven threats in real time, enhancing situational awareness and operational response.

  • Software supply chain hardening through rigorous vetting of developer tools, securing code repositories, enforcing vendor security assessments, and continuous automated vulnerability scanning to combat pipeline contamination and backdoor insertion.

  • Implementation of firmware integrity checks and enhanced hardware security to defend against chipset and embedded firmware exploits.

  • Strengthened cross-sector and international intelligence sharing, involving governments, industry, and vendors, to enable timely detection, coordinated incident response, and systemic cyber resilience.
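
As an added example for the supply-chain hardening point above (written for this brief, not taken from any of the cited reports), the Python below screens a package.json manifest against a small allowlist of well-known npm package names and flags dependencies that are one edit or adjacent transposition away from a popular name, or that differ from one only in separators. The allowlist, manifest and package names are constructed for the example; in practice the allowlist would come from an internal inventory or registry download statistics.

```python
import json

# Constructed allowlist of widely used package names (assumption: a real list
# would be generated from an internal inventory or registry download counts).
POPULAR = {"lodash", "express", "react", "axios", "chalk", "commander", "moment", "underscore"}

# Constructed manifest containing three transposition typosquats and one separator variant.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "billing-service",
    "dependencies": {
        "express": "^4.19.2",
        "lodahs": "4.17.21",
        "axois": "1.6.0",
        "chalk": "5.3.0",
        "left-pad": "1.3.0",
        "lo-dash": "1.0.0",
    },
    "devDependencies": {"momnet": "2.29.4", "react": "18.2.0"},
})


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert/delete/substitute plus adjacent transposition."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition counts as one edit
    return d[-1][-1]


def normalize(name: str) -> str:
    """Drop an npm scope prefix and separators so 'lo-dash' compares equal to 'lodash'."""
    base = name.split("/", 1)[1] if name.startswith("@") else name
    return base.lower().replace("-", "").replace("_", "").replace(".", "")


def screen_dependencies(package_json_text: str, popular=POPULAR, max_distance: int = 1) -> list:
    """Return (dependency, lookalike, reason) tuples for names that resemble a popular package."""
    manifest = json.loads(package_json_text)
    deps = {}
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        deps.update(manifest.get(section, {}))
    findings = []
    for name in sorted(deps):
        if name in popular:
            continue  # exact match with the allowlist: not a lookalike
        norm = normalize(name)
        for pop in sorted(popular):
            dist = osa_distance(norm, normalize(pop))
            if dist == 0:
                findings.append((name, pop, "separator/case variant"))
            elif dist <= max_distance and len(norm) >= 4:  # skip very short names to limit noise
                findings.append((name, pop, f"edit distance {dist}"))
    return findings


if __name__ == "__main__":
    for dep, lookalike, reason in screen_dependencies(SAMPLE_PACKAGE_JSON):
        print(f"{dep}: resembles {lookalike} ({reason})")
```

Hits from this check are leads, not verdicts: a flagged name should be compared against the registry entry, its publisher and its install scripts before the build is blocked, and the check belongs alongside lockfile pinning and registry-side scanning rather than in place of them.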


Conclusion

The convergence of rapid zero-day exploitations, weaponized AI/LLM attack agents, and expanding attack surfaces across enterprise, cloud, OT/ICS, and AI platforms has dramatically escalated the cyber threat environment. The industrial-scale cloning of Anthropic’s Claude and the rise of autonomous AI attack agents have introduced unprecedented speed, scale, and stealth to cyber offenses.

Persistent exploitation of critical infrastructure components—from Cisco SD-WAN to Juniper PTX routers—and the weaponization of developer ecosystems and cloud collaboration tools underscore the urgent need for adaptive, AI-aware defense strategies. Organizations must move beyond incremental patching to embrace AI-native security architectures, robust operational controls, and global cooperation to withstand this new frontier of autonomous, AI-driven cyber warfare.


Key References from Recent Reports:

  • "Hackers Exploited Cisco SD-WAN Zero-Day for Three Years Before Detection" (Cisco Talos)
  • "BREAKING: Hacker Exploited Anthropic's Claude AI to Breach Mexican Government Systems" (Gambit Security)
  • "128M Users Exposed as Popular VS Code Extensions Reveal Critical Flaws"
  • "Self-spreading npm malware targets developers in new supply chain attack"
  • "Steaelite RAT combines data theft and ransomware management capability in one tool"
  • "North Korean Hackers Using Medusa Ransomware in Attacks on U.S. Healthcare Sector"
  • "Autonomous AI Agents Provide New Class of Supply Chain Attack"
  • "Five Eyes issue emergency directive on exploited Cisco SD-WAN zero-day"

These insights collectively paint a stark picture of a cyber threat landscape transformed by AI-driven automation and weaponization of zero-day vulnerabilities, demanding a commensurate evolution in defense.

Updated Feb 27, 2026