Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

"CyberStrikeAI is an 'open-source artificial intelligence (AI) offensive security tool (OST) developed by a China-based developer who we assess has some ties to the Chinese government,' security researcher Will Thomas (aka @BushidoToken) said. According to the description in its GitHub repository, CyberStrikeAI is built in Go and integrates more than 100 security tools to enable vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization."
"Details of the AI-powered activity came to light last month when Amazon Threat Intelligence said it detected the unknown attacker systematically targeting FortiGate devices using generative artificial intelligence (AI) services like Anthropic Claude and DeepSeek, compromising over 600 appliances in 55 countries."
"Team Cymru said it observed 21 unique IP addresses running CyberStrikeAI between January 20 and February 26, 2026, with servers primarily hosted in China, Singapore, and Hong Kong. Additional servers related to the tool have been detected in the U.S., Japan, and Switzerland."
Team Cymru identified CyberStrikeAI as the tool behind recent AI-assisted attacks on Fortinet FortiGate appliances. The open-source platform, developed by a Chinese developer with alleged government ties, integrates over 100 security tools for vulnerability discovery and attack-chain analysis. Between January and February 2026, 21 unique IP addresses ran CyberStrikeAI, primarily hosted in China, Singapore, and Hong Kong. The developer, known as Ed1s0nZ, has published multiple exploitation tools including ransomware and AI jailbreaking utilities. Amazon Threat Intelligence previously reported attackers using generative AI services to systematically target FortiGate devices, compromising over 600 appliances globally.
Read at The Hacker News