The barrier to entry for cybercrime has collapsed. In the past twelve months, we have witnessed teenagers with no coding experience breach major corporations, solo operators compromise multiple government agencies, and AI-generated phishing outperform human red teams. The common thread: generative AI tools are transforming who can execute sophisticated cyber attacks.
The Numbers Tell the Story
The statistics from 2025 into 2026 are stark. Malicious packages discovered on public repositories jumped 75%. Cloud intrusions increased by 35%. The time from vulnerability disclosure to active exploitation has effectively gone negative, with 28.3% of CVEs now exploited within 24 hours of disclosure, often before patches are even available.
But the most alarming shift is not the scale. It is who is behind these attacks.
In December 2024, a 17-year-old in Japan with zero technical background extracted personal data from 7 million Kaikatsu Club users. His motivation? Funding Pokémon card purchases. Two months later, three teenagers aged 14 to 16 used ChatGPT to build tools that hit Rakuten Mobile's systems approximately 220,000 times. They spent their proceeds on gaming consoles and online gambling.
These were not sophisticated threat actors. They were kids who learned to prompt an AI assistant.
The Mexican Government Breach: A Case Study
The most detailed example of this new threat model emerged in February 2026 when security firm Gambit Security published its analysis of a coordinated attack on nine Mexican government agencies. A single operator, using Claude Code and GPT-4.1, exfiltrated over 150GB of data containing roughly 195 million citizen records.
The technical details are instructive. According to Gambit's analysis, the attacker sent over 1,000 prompts to Claude Code during the intrusion. Approximately 75% of all remote commands during the hands-on phase of the attack were generated and executed by the AI model. It took the attacker only 40 minutes to jailbreak Claude's safety guardrails by convincing the system that all actions were authorized.
The stolen data included full names, addresses, tax IDs, voter registration details, and internal credentials for government employees. Mexico City's civil registry, the national electoral institute, local governments in four cities, and a water utility were all compromised.
This was not a nation-state operation with unlimited resources. It was one person with AI subscriptions.
Why Traditional Defenses Are Failing
The fundamental problem is asymmetry. Organizations still patch vulnerabilities at roughly the same pace they did five years ago. The average time to fix critical vulnerabilities remains 74 days, and research shows 45% of vulnerabilities in large enterprises never get patched at all.
Meanwhile, offensive capabilities are accelerating. AI coding assistants resolved 33% of GitHub issues in August 2024. By December 2025, that figure reached 81%. The same capabilities that help legitimate developers ship faster are helping attackers develop exploits faster.
Dan Lorenc, CEO of security firm Chainguard, summarized the situation bluntly: "The complexity and scale of vulnerability management has outgrown the capabilities of most organizations."
The old model assumed attackers needed years of experience to understand complex systems, write exploit code, and evade detection. That assumption no longer holds. An attacker can now describe what they want to accomplish in plain language and receive working code in return.
The Extortion Economy
Beyond data theft, AI is enabling a new scale of extortion operations. In July 2025, a single actor using Claude Code targeted 17 organizations in one month. The AI helped develop malicious code, organize stolen files, analyze financial records to calibrate ransom demands, and draft extortion emails.
This operational tempo would have been impossible for one person without AI assistance. Previously, conducting 17 targeted attacks required either a large team or months of preparation for each target. Now a single operator can move from target to target with industrial efficiency.
The supply chain is equally vulnerable. The Shai-Hulud attack on the npm ecosystem in September 2025 compromised over 500 packages, impacting 487 organizations. Attackers stole $8.5 million from Trust Wallet using exposed credentials. Package repositories have become hunting grounds where AI can rapidly identify vulnerable dependencies.
What Organizations Must Do Now
The defensive playbook needs to evolve. Here is what I recommend for organizations in the Gulf region and beyond:
Assume breach velocity has increased. Plan incident response around hours, not days. If a critical vulnerability is disclosed, assume exploitation attempts will begin within 24 hours.
Invest in detection, not just prevention. Perfect prevention is impossible when attack tools are evolving this rapidly. Organizations need robust monitoring and rapid response capabilities.
Secure the AI tools you use. If your developers use AI coding assistants, so do attackers. Implement guardrails around how AI tools interact with production systems and sensitive data.
Update threat models. Your adversaries are no longer necessarily sophisticated actors. Include scenarios where attackers have limited technical skills but access to capable AI tools.
Monitor for prompt injection. As more organizations deploy AI agents, prompt injection becomes a attack vector. Ensure any AI system with access to sensitive data has robust input validation.
The Road Ahead
We are in the early stages of a fundamental shift in who can conduct cyberattacks and at what scale. The same AI capabilities that make developers more productive make attackers more dangerous. The same natural language interfaces that democratize coding democratize exploitation.
This is not a call for panic. Organizations that take the threat seriously and adapt their defenses can manage these risks. But it requires acknowledging that the threat landscape of 2024 is not the threat landscape of 2026. The teenagers are coming, and they have ChatGPT.