- Palo Alto warns that GenAI accelerates the creation and complexity of malware
- AI reduces data breach time from five hours to 72 minutes
- Identity weaknesses and SaaS supply chains drive most intrusions, with ransomware becoming data theft.
The rise of Generative Artificial Intelligence (GenAI) is helping hackers create new, more complex malware faster than ever, experts have warned, arguing that things can only get tougher for the cybersecurity community.
In their annual Unit 42 Global Incident Response Report, Palo Alto researchers laid out how AI has become a force multiplier for attackers, who can now exfiltrate data in just over an hour (72 minutes). In the pre-AI era, that time was around five hours, meaning exfiltration speed increased fourfold.
While the browser remains the “main battleground,” where nearly half (48%) of all incidents occur, the complexity of attacks is increasing. In fact, nearly nine in ten (87%) intrusions span multiple attack surfaces. In some cases, the number of attack surfaces is in the double digits, and threats are rarely limited to a single environment. Attackers often coordinate across different endpoints, networks, cloud services, SaaS platforms, and identity systems.
Identity issues and supply chain attacks
Palo Alto also said that identity drives initial access. In nine out of ten incidents, identity weakness was a major factor, and with agentic identity management, the challenge is even more complex. Approximately two-thirds (65%) of initial access comes from social engineering, while vulnerabilities account for less than a quarter (22%).
Third-party SaaS applications have also become a major target. Supply chain attacks have increased almost fourfold since 2022 and now account for almost a quarter (23%) of all attacks. Most of the time, criminals look for OAuth tokens and API keys that allow them to move laterally, steal data, crash systems, and deploy malware.
The report also points out what the industry has been warning about for some time: ransomware operators are moving away from encryptors and focusing solely on data extraction.
“From the attacker’s perspective, it is faster, quieter, and creates immediate pressure without the signals that defenders previously relied on to detect ransomware attacks,” Palo Alto concluded.