November 18, 2025

Infopercept Releases Threat Predictions Report for 2026: Attacks on AI and Attacks Using AI

Ahmedabad, India — 18 November 2025 - Infopercept, a global platform-led managed security services company, today released its 2026 Threat Predictions Report, outlining how artificial intelligence is expected to reshape the worldwide cyber risk landscape.

Titled “Infopercept 2026 Threat Predictions: Attacks on AI & Attacks Using AI,” the report presents one of the most forward-looking assessments of how AI will influence both cyberattacks and cyber defense strategies in the year ahead.

The report is organized into two major sections — attacks on AI and attacks with AI — reflecting how artificial intelligence is now both a target and a weapon in modern cyber operations.

“Never in the history of cybersecurity have attackers and defenders shared equal access to the same source of power,” said Satyakam Acharya, director of exposure management at Infopercept. “GenAI has erased traditional skill gaps. Attacks that once required high levels of expertise can now be executed by almost anyone. Our 2026 predictions show how AI will accelerate attacks, amplify adversaries, and blur the line between human intent and autonomous action.”

Major Attack Predictions for 2026

Infopercept’s Threat Predictions Report identifies several emerging risks under attacks on AI and outlines five major trends under attacks with AI.

A. Attacks on AI

These threats target the systems, models, agents, and pipelines that power AI workflows.

1. GenAI democratization leading to data poisoning and software supply-chain attacks

As more non-developers generate production code using GenAI tools, attackers may introduce poisoned datasets, malicious prompt templates, and trojanized plug-ins that compromise software supply chains.

2. Manipulation of Model Context Protocol (MCP)

Threat actors may alter or redirect AI context sources, cause AI systems to misinterpret information, trigger recursive loops between AI agents, or exploit overly permissive connectors.

3. Multi-LLM environments enabling LLM gateway bypass

Attackers may circumvent LLM gateways — much like they previously bypassed firewalls — using split prompts, covert connectors, or unauthorized AI endpoints.

4. SOC automation becoming a target for agent poisoning

Autonomous security agents used in Security Operations Centers may be manipulated to disable sensors, delete evidence, or hide intrusions.

5. Identity-layer agents enabling token forgery and privilege chaining

Identity agents present a new attack surface, including risks such as stolen agent tokens and impersonated automation identities.

6. Poisoned AI-based security testing weakening the software development lifecycle

Compromised AI testing tools may miss vulnerabilities or generate insecure auto-fixes, increasing systemic exposure.

7. On-premises and air-gapped AI adoption eroding historical isolation

Data bridges used for model updates may create new infiltration paths into highly secure or critical systems.

8. Growth of shadow AI creating hidden backdoors

Unsanctioned LLMs and departmental AI tools may bypass security controls and leak sensitive information.

9. Emergence of agentic malware and ransomware

AI-driven malware may begin making independent decisions, including selecting targets, adapting to defenses, negotiating ransoms, and propagating autonomously.

B. Attacks With AI

These threats describe how AI will be used as a tool by attackers.

1. Generative deception at scale

Deepfakes, synthetic personas, and voice cloning may become turnkey tools for fraud and targeted phishing.

2. Autonomous exploit discovery

AI agents may scan for and exploit vulnerabilities in minutes, reducing defenders’ response time.

3. Polymorphic, AI-generated malware

Malware may continuously mutate to evade detection systems.

4. Cognitive overload attacks on SOCs

Attackers may use AI to generate high volumes of realistic fake alerts that overload analysts and mask real threats.

5. Dual-layer decision hijacking

Adversaries may attempt to influence both human decision-makers and AI-driven systems at the same time.




About Infopercept’s Threat Research Team

Infopercept’s Threat Research Team combines offensive, defensive, and AI security expertise to study emerging adversarial behavior. Working across red teaming, threat intelligence, and platform engineering, the team uses insights from the Invinsense platform to deliver forward-looking predictions for a rapidly evolving cyber landscape.

About Infopercept

Infopercept is one of India’s fastest-growing platform-led managed security services companies, serving global clients across defensive, offensive, detection and response, and compliance functions. Its cybersecurity platform, Invinsense, integrates SIEM, SOAR, EDR, deception, offensive security, and compliance capabilities. Infopercept’s MDR services are backed by dedicated experts who provide 24/7 cybersecurity operations support.

For more information, visit www.infopercept.com.
