Artificial intelligence creates a multiplier effect in cyber attacks
ESET, a world leader in cybersecurity, has published its 2026 Half-Time Threat Report, which summarizes the threat landscape trends observed in ESET telemetry from December 2025 to May 2026 and the insights of ESET threat detection and research experts.

According to the report, the first half of 2026 shows how attackers continue to improve the efficiency and scalability of their operations. Artificial intelligence (AI) is playing an increasingly important role in this development. ESET analyzed nearly 900 thousand AI skills, which are small functional components used by AI agents. It detected thousands of clearly malicious samples with tens of thousands of suspects. Artificial intelligence is also starting to appear within malware: ESET researchers have identified PromptSpy, the first known Android malware to use generative AI in its execution flow.
Jiří Kropáč, Director of Threat Prevention Labs at ESET, said: “Instead of relying on completely new methods and tools, attackers are rapidly adapting established techniques to new platforms, technologies and user behaviors. The number of AI capabilities in this new ecosystem is currently rapidly increasing, enabling attacks.” “On the other hand, PromptSpy demonstrates the potential for increased resilience against future threats – although the safeguards against misuse included in LLMs are likely slowing the adoption of this technology.”
AI capabilities are small plug-ins or sets of instructions that tell an AI agent how to perform a specific task, including what services or tools to use and what data to access. The published report details details about malicious AI skills using third-party hacking tools such as Mimikatz or Impacket, as well as suspicious self-modifying skills designed to create a persistence mechanism (JSON file) and a self-modifying tool (Python code). This can lead to unpredictable behavior of the agent or abuse by an attacker. Finally, there are also harmless but problematic capabilities marketed as security scanners that create a false sense of security but only apply basic scanning techniques (like 1990s antivirus tools) or query the reputation of hashes, URLs, and IP addresses on VirusTotal.
ClickFix, a social engineering technique that leverages fake error messages, has expanded beyond fake CAPTCHA alerts into AI-themed help pages, browser extensions, and cloud authentication scenarios. AI-fix demonstrates how attackers exploit trust in generative AI; Attackers are embedding ClickFix attack chains into AI-generated troubleshooting content for non-existent problems on pages that abuse the domains of AI giants. ConsentFix, on the other hand, highlights an evolution towards token theft, combining ClickFix-style interaction with OAuth authorization abuse to take over cloud accounts without the need to steal credentials and relying on entirely legitimate login workflows, often bypassing multi-factor authentication (MFA). ESET's detections of this vector have more than doubled between the second half of 2025 and the first half of 2026, indicating that activity is continuing and attackers are adapting.
QR code phishing has reached record levels
Phishing campaigns are also evolving in response to user behavior. QR code phishing, also known as “quishing,” has reached record levels in ESET telemetry data. Attackers are placing malicious links in QR codes to bypass controls and shift user interaction to mobile devices, while exploiting the implicit trust many people place in square-pattern barcodes. Approximately 11 percent of all phishing emails detected in the first half of 2026 used QR codes, and QR code phishing threats were most common in the United States (19% of detections), Spain (17%) and Mexico (6%).
Ransom attacks continue
Ransomware activity has shown no signs of slowing down; EDR killers designed to disable security software during attacks continued to be used. ESET Research has documented more than 100 different EDR killers in real-world use, and new variants continue to emerge regularly.Although the number of ransomware attacks continues to rise in the first half of 2026, the number of victims willing to pay has reached an all-time low. Three recent industry reports confirm this downward trend, reporting that the proportion of paying victims is between 14–28 percent.






