IBM X-Force: Are Your Enterprise AI Tools Secure?
The incredible power of AI quickly turns destructive in the hands of bad actors.
As industry adoption shoots up, IBM's 2026 X-Force Threat Intelligence Index reflects how AI technologies are being weaponised by threat actors, while highlighting the vulnerabilities that AI platforms introduce into organisational infrastructures.
The report demonstrates that AI-enabled vulnerability discovery tools are accelerating attack timelines, with threat actors using algorithms to identify and exploit weaknesses in public-facing applications at unprecedented speed.
IBM X-Force observed a 44% rise in attacks beginning with the exploitation of basic vulnerabilities, driven largely by missing authentication controls that AI-powered scanning tools can rapidly detect.
Mark Hughes, Global Managing Partner for Cybersecurity Services at IBM, explains: “Attackers are not reinventing playbooks, they are speeding them up with AI.
“The core issue is the same: businesses are overwhelmed by software vulnerabilities. The difference now is speed.
“With so many vulnerabilities requiring no credentials, attackers can bypass humans and move straight from scanning to impact.
“Security leaders need to shift to a more proactive approach, using agentic-powered threat detection and response to identify gaps and catch threats before they escalate.”
AI platforms as attack surfaces
The index reveals a mounting challenge for organisations deploying AI systems across their operations.
Infostealer malware exposed more than 300,000 ChatGPT credentials in 2025, indicating that AI platforms have become viable targets for credential theft comparable to traditional enterprise services.
Once attackers compromise AI tool credentials, they could manipulate outputs, exfiltrate sensitive data or inject malicious prompts. This opens a new Pandora’s box of AI-specific risks.
Synthetic images and deepfakes also create further identity troubles.
The urgency of implementing strong authentication and just-in-time identity access management following zero-trust principles cannot be exaggerated. This is particularly important as organisations expand AI system usage across business functions.
The exposure of AI credentials represents more than a data breach. It could mean compromised decision-making systems, corrupted training data and unauthorised access to sensitive organisational intelligence processed through AI tools.
Democratisation of sophisticated attacks
AI technologies are lowering barriers to entry for cybercrime operations. The report notes a 49% increase in active ransomware and extortion groups compared to the previous year, with publicly disclosed victim counts rising by approximately 12%.
According to X-Force analysis, leaked tooling, readily available playbooks and AI-assisted automation are enabling smaller ransomware groups to operate effectively. This is occurring even with low-volume campaigns.
Threat actors are using AI to analyse large datasets and iterate attack paths in real-time. This creates attack vectors that adapt dynamically to defensive responses.
As multi-modal AI models mature, adversaries could automate increasingly complex tasks including reconnaissance and advanced ransomware deployment. Threat intelligence suggests this is already occurring in certain attack campaigns.
AI-generated assets make it harder for security systems to distinguish between legitimate users and sophisticated impersonation attempts.
Implications for AI development
The findings carry significant implications for AI development practices. Supply chain and third-party compromises have nearly quadrupled since 2020, with large-scale attacks often occurring where software is built, deployed or integrated with Software as a Service (SaaS) platforms.
For AI systems, which frequently rely on complex dependency chains and third-party libraries, this trend could pose particular risks. The interconnected nature of AI development makes these systems especially vulnerable to supply chain attacks.
Vulnerability exploitation has become the leading trigger for incidents in 2025, accounting for 40% of observed attacks.
Despite the sophistication of emerging cyber threats, IBM emphasises that core issues remain familiar. X-Force Red team's penetration tests show that weaknesses in credential hygiene and software configuration remain the common causes that open enterprise doors to intruders.
Manufacturing industries remained the most targeted sector for the fifth consecutive year, accounting for more than one in four (28%) incidents observed. North America emerged as the most attacked region overall.
In a climate where attackers are accelerating their operations through AI, organisations developing and deploying AI systems must reinforce basic security controls.
They must embrace proactive threat hunting and prioritise identity protection to mitigate the dual challenge of AI-enabled attacks and AI platform vulnerabilities.


