AI as a target, web-based attacks and deepfakes -- cybersecurity predictions for 2026

The very nature of cybersecurity makes it a constant arms race between attackers and defenders and recently that’s meant both sides utilizing AI.

This seems unlikely to change in 2026 but what else might we expect? Some industry experts give us their views.

Ken Johnston, VP of data, analytics and AI at Envorso, warns of AI expanding the attack surface, “As AI systems become autonomous, the attack surface expands dramatically. Organizations are moving from reactive defense to preemptive protection -- detecting prompt injection, data leakage, and rogue-agent behavior before they cause damage. Security for AI isn’t a bolt-on anymore; it’s a design principle.”

Rob Rachwald, vice president at Veza, says, “In 2026, a high-profile breach will trace back not to a human, but to an AI agent or machine identity with excessive, unsupervised access. As enterprises integrate AI copilots, pipelines, and autonomous agents into production systems, a single misconfigured token or overprivileged API key will expose sensitive data at scale. This will mark a turning point: identity programs will expand from human governance to AI identity governance: enforcing authentication, behavior baselines, and least-privilege policies for every algorithm that acts on behalf of the business.”

Cyber threats will target global events says Lina Dabit, field CISO at Optiv, “2026 will be a challenging year because of several global events that will create significant opportunities for nation-state actors, cybercriminals, and hacktivists. Expect that FIFA 2026 across North America, the Super Bowl, the Winter Olympics in Italy, and the US mid-term elections will all be targeted by multiple groups -- and likely at the same time.”

Resilience senior technical security advisor, Chuck Norton, says:

Attackers won’t need to change their social engineering playbooks in 2026; AI will simply help them do the same things better. The human element is still the weakest link, and as generative tools improve, it’s becoming even easier to craft convincing lures. Even as new threats emerge, tricking someone into clicking a link or sharing access will remain the most reliable and profitable entry point.

Attackers will use AI to identify vulnerabilities and automate parts of the extortion process, making operations faster and more profitable. But the real story in 2026 will be about efficiency, not novelty. The fundamentals haven’t changed -- if there’s money to be made, threat actors will find a way to make it.

Mike Walters, president and co-founder of Action1, thinks AI systems will become a target for attack. “As AI/ML technologies become embedded in enterprise systems, new categories of vulnerabilities will proliferate, including adversarial manipulations, data poisoning, model extraction, and prompt injection in AI-enabled tools. Although the risk was outlined in 2025, we should expect a more concrete uptick in publicized vulnerabilities affecting the AI/ML stack (frameworks, training pipelines, and inference engines) in 2026. These vulnerabilities will be weaponized by cyber threat actors.”

Andrius Buinovskis, cybersecurity expert at NordLayer, expects an increase in web-based attacks, “As companies continue to adopt web-based software as a service and abandon the desktop for the web, the cyber risks that are waiting for employees in the browser are becoming increasingly more prominent and common. Malicious extensions, various phishing pages, and infostealer malware are some of the main threats lurking in the browser, which is becoming the default channel for work-related tasks in many organizations."

Darren Anstee, chief technology officer for security at NETSCOUT, predicts greater infrastructure risk. “In 2026, we expect to see a continued escalation in infrastructure risk, with botnets capable of generating attacks at 20+ terabits per second threatening not only individual targets, but the subscriber and Internet connectivity within Internet Service Provider networks. Very high volume and throughput attacks create significant collateral damage, where businesses and consumers with no direct link to the target can be impacted, as they are isolated from cloud services and the wider internet.”

Grayson Milbourne, security intelligence director at OpenText Cybersecurity, believes deepfakes will lead to a change in communication habits. “Deepfakes have reached a new level of sophistication. With synthetic voices and video now indistinguishable from the real thing, attackers can impersonate anyone in real time. In response, organizations will reintroduce traditional trust-building tactics. Executives will meet in person for high-stakes decisions, ‘safe words’ will return as verification tools, and face-to-face will regain its value. In a world where we can no longer trust what we see and hear online, physical presence will become a new pillar of security strategy.”

Camellia Chan, CEO and co-founder of X-PHY, echoes this, “Deepfakes will become the default social engineering tool by year-end 2026. Alongside their counterpart, the phishing attack, deepfakes are causing data breaches and information leaks by attacking the most vulnerable part of cybersecurity: human psychology. Now that deepfake tools are widely available, we are firmly in an age where trusting is unfortunately a vulnerability. Businesses need to become more proactive in their defence, moving beyond strategies that rely on human instinct to spot imitations to zero-trust frameworks that question all digital activity within the enterprise.”

Roi Nisimi, senior security researcher at Orca Security, says, “In 2026, attackers will shift their focus from organizations to individuals. In the past, organizations were considered a more straightforward, lucrative target; you scan the internet, discover the attack surface, exploit an asset on the DMZ, and you're in. Nowadays, it’s more optimal to target a single employee and get their credentials to all cloud accounts. With the fast adoption of a versatile collection of AI agents, we will be seeing attackers targeting individuals, likely with indirect prompt injections.”

Ric Derbyshire, principal security researcher at Orange Cyberdefense, thinks the cybercrime landscape will fragment:

The fragmentation of the cybercrime landscape will continue to accelerate next year. Previously, a single dominant group defined the landscape. Now, several actors are sustaining large-scale operations; our new Security Navigator report found the number of distinct actors nearly tripled during 2024-2025. Far from signaling decline, the takedown of dominant groups has simply resulted in the redistribution of activity among various successors and emerging actors, further expanding the cybercrime landscape.

As this trend of fragmentation continues, the only way we can rise to the challenge and defend against the threat of multiple highly productive actors is through unprecedented global collaboration. In 2026, I expect we will see an uptick in global initiatives and public-private partnerships, ushering in a new era of knowledge to rival that of cybercrime actors.

Derek Manky, chief security strategist at Fortinet, says, “Cybercrime is entering its fourth industrial phase, blending automation, integration, and specialisation. Credential dumps will continue to evolve into curated ‘intelligent combo lists’ enriched with metadata and behavioural analytics.”

Ashley Jess, senior intelligence analyst at Intel 471, says the human element will remain critical in the face of AI attacks. “Adversaries are increasingly exploring AI to develop and optimize their kits, so defenders will need to leverage automation alongside intelligence-driven hunting to keep pace. However, full automation is extremely unlikely to replace human hunters. Humans remain critical for hypothesis-driven investigation, adversary emulation and interpreting ambiguous behaviors.”

Have you any thoughts on the cybersecurity threats we might face in 2026? Let us know in the comments.

Image credit: BiancoBlue/depositphotos.com