RSAC 2026 CONFERENCE – San Francisco – Each year SANS researchers head to the RSAC Conference to reveal the five top attack techniques. But 2026 marks a distinct shift: all are powered by artificial intelligence.
“We would be lying to you if we pointed out a trend in attacks that did not involve AI,” SANS president and presentation moderator Ed Skoudis explained to the audience during a keynote session covering the Top 5. “That is just where we are in the industry.”
Attack Technique #1: AI-Generated Zero Days, From Scarcity to Surplus
Zero-day exploits used to belong solely to well-funded nation-state actors stacked with sophisticated researchers. But that barrier to entry into the zero-day game has been shattered by AI, according to Joshua Wright, faculty fellow and senior technical director of the SANS Institute. In fact, Wright points out that independent researchers have discovered AI zero days in widely deployed production software that run attackers as little as $116 in AI token costs, quite a savings over the millions of dollars more sophisticated actors had previously been investing in finding these zero days.
“Attackers were already faster than us,” Wright said. “AI has made the gap unbridgeable at our current pace.”
It’s up to organizations to get faster to keep up, Wright advised, adding that this can be achieved with accelerated patching, automation, and AI-powered defense tools.
Attack Technique #2: Supply Chain Risks, Your Vendor's Vendor's Vendor
Two out of three organizations were affected by a software supply chain attack over the past year, and there has also been a surge in third-party involvement in breaches and in the number of malicious packages published to open source registries, Wright said.
He pointed out that the Shai-Hulud worm has infected more than a thousand open source packages and exposed 14,000 credentials across 487 organizations. Likewise, a China-affiliated group compromised the Notepad++ update infrastructure for six months, selectively delivering backdoors to targets in the energy, finance, government, and manufacturing sectors.