Redazione RHC: 30 September 2025 07:22
The cybersecurity industry is undergoing a transformation: artificial intelligence is becoming not just a tool for developers, but also a weapon for attackers. And we’ve talked about this extensively.
This point was raised by Ami Luttwak, CTO of Wiz, who explained that new technologies inevitably expand the attack surface and that integrating AI into business processes accelerates both development and the emergence of vulnerabilities.
According to Luttwak, accelerating development through vibe coding and integrating AI agents often leads to bugs in core mechanisms, such as the authentication system. This is because the agents perform their assigned tasks literally and don’t provide security by default.
As a result, companies are forced to balance speed and security, and attackers are starting to exploit this advantage. They are now creating exploits using prompts, running their own AI agents, and even interacting directly with corporate tools, issuing commands like “transfer all secrets” or “delete files.”
Vulnerabilities are emerging even in AI services designed for internal use. When companies deploy third-party solutions to improve employee productivity, they often fall victim to supply chain attacks. This happened to Drift, a startup that offers chatbots for sales and marketing. A compromise of the company allowed attackers to obtain Salesforce access tokens from hundreds of customers, including Cloudflare, Google, and Palo Alto Networks. The attackers disguised themselves as chatbots and accessed customer infrastructure, requesting data and expanding their reach.
A similar scenario was observed in the s1ngularity operation against the Nx build system. Attackers injected malicious code that detected the use of AI tools like Claude and Gemini, then redirected them to autonomously search for valuable data. As a result, thousands of tokens and keys were stolen, giving access to private GitHub repositories.
While Wiz estimates that only 1% of companies have fully integrated AI into their processes, attacks are recorded every week, affecting thousands of customers. AI is involved in every stage of the attack chain, from creating exploits to stealthily advancing within systems.
According to Luttwak, defenders’ goal now is to understand the purpose of customer applications and build horizontal security tailored to each company’s specific needs. He emphasized that startups working with corporate data must prioritize security from day one.
The minimum set includes appointing a CISO, implementing audit logs, advanced authentication, access control, and single sign-on.
Ignoring these requirements leads to so-called “security debt,” where companies initially neglect security but are eventually forced to redesign all their processes to meet current standards, which is always difficult and expensive.
Luttwak placed particular emphasis on architecture. For an AI startup targeting the enterprise market, it’s crucial to initially consider the possibility of storing data within the customer’s infrastructure. This not only increases trust, but also reduces the risk of large-scale compromise.
Luttwak believes that every area is now accessible to IT startups, from anti-phishing protection to endpoints to AI-powered process automation.
However, this requires a new mindset: defending against AI-based attacks as much as the defenders do.