AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

AI is making it ever easier for bad actors to launch attacks, and a newly-identified open source platform, CyberStrikeAI, seems to be lowering the bar even further.

The platform packages end-to-end attack automation into a single AI-native orchestration engine, and is linked to the threat actor behind the recent campaign that breached hundreds of Fortinet FortiGate firewalls. That developer is believed to have “some ties” to the Chinese government, according to research from cybersecurity company Team Cymru.

According to its GitHub repository, CyberStrikeAI ships with 100-plus curated tools covering “the whole kill chain.” It comprises an “intelligent” orchestration engine, role-based testing with predefined security roles, a system featuring what it calls specialized testing skills, and “comprehensive” lifecycle management capabilities, the researchers said.

“Making this kind of tooling available as public open source, given its sophistication and the ability to cause real harm, is irresponsible,” said David Shipley of Beauceron Security. “This is a whole new ballgame from past tools that can be used by ethical hackers and security researchers responsibly.”

Beauceron’s Shipley added: “We truly have opened Pandora’s Box and a lot of organizations are going to be harmed. There’s no way they can keep up with this.”

It’s analogous to going “from muskets to AK-47s,” he noted, and the knee-jerk reactions from lawmakers will harm even good faith research efforts. “We’re in a lot of trouble in 2026, and this is only one of the tools hitting the streets.”

Read the Full Story at CSO Online