ACCORDING to 2026 Cloudflare Threat Report, easy access to large language models and other AI tools has significantly lowered the barrier to entry for cybercriminals to conduct effective campaigns rapidly and at scale. The report describes AI as a “force multiplier” for threat actors, enabling the publication of convincing phishing emails and the writing of malware, with real-time network mapping cited as an example of capability.
It notes that a wide range of actors, including state-sponsored groups, financially motivated gangs and hacktivist collectives, have adopted AI tools to enhance their operations. The report also highlights AI-generated deepfakes and fraudulent IDs as an insider-threat vector, mentioning that North Korea is known to exploit this tactic. In one example, Cloudforce One tracked a threat actor who levered AI to locate high-value data, allowing compromise of hundreds of corporate tenants in a single supply chain attack.