{"id":219252,"date":"2026-03-02T19:06:00","date_gmt":"2026-03-03T00:06:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/02\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/"},"modified":"2026-03-02T22:31:39","modified_gmt":"2026-03-03T03:31:39","slug":"cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/02\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/","title":{"rendered":"CyberStrikeAI tool adopted by hackers for AI-powered attacks"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/\">CyberStrikeAI tool adopted by hackers for AI-powered attacks<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-02 19:06:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls.<\/p>\n<p>Last month, BleepingComputer reported on an AI-assisted hacking operation that compromised more than 500 FortiGate devices in five weeks. The threat actor behind this campaign used multiple servers, including a web server at 212.11.64[.]250.<\/p>\n<p>In a new report, Senior Threat Intel Advisor for Team Cymru, Will Thomas (aka BushidoToken), says that\u00a0the\u00a0same IP address was observed running the relatively new CyberStrikeAI AI-powered security testing platform.<\/p>\n<p>Analyzing NetFlow data, Team Cymru identified a &#8220;CyberStrikeAI&#8221;\u00a0service banner running on port 8080 on 212.11.64[.]250 and saw network communications between that IP and Fortinet FortiGate devices the threat actor targeted. The FortiGate campaign infrastructure was last seen running CyberStrikeAI on January 30, 2026.<\/p>\n<p>CyberStrikeAI&#8217;s GitHub repository describes itself as an &#8220;AI-native security testing platform built in Go&#8221; that integrates over 100 security tools, an intelligent orchestration engine, predefined security roles, and a skills system.<\/p>\n<p>&#8220;Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization\u2014delivering an auditable, traceable, and collaborative testing environment for security teams,&#8221; reads the project description. The tool includes an AI decision engine compatible with models such as GPT, Claude, and DeepSeek, a password-protected web UI with audit logging and SQLite persistence, and a dashboard for vulnerability management, task orchestration, and attack-chain visualization.<\/p>\n<p>Its tooling allows it to conduct a full attack chain, including network scanning (nmap, masscan), web and application testing (sqlmap, nikto, gobuster),&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CyberStrikeAI tool adopted by hackers for AI-powered attacks https:\/\/www.bleepingcomputer.com\/news\/security\/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks\/ Publish Date: 2026-03-02 19:06:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":219253,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2025\/10\/23\/AI-2.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,34,27],"class_list":["post-219252","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219252"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=219252"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219252\/revisions"}],"predecessor-version":[{"id":219254,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219252\/revisions\/219254"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/219253"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=219252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=219252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=219252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}