Google Cloud’s Cybersecurity Forecast 2026 suggests that AI will soon sit at the center of every major security move, driving both attackers and defenders. In fact, by next year, AI won’t just support cyber crooks: it will run their operations.
According to Google Cloud, the balance of power in cybersecurity is further shifting because, unsurprisingly, both attackers and the pros fighting back are increasingly turning to AI.
This is not shocking, of course, as AI has been seeping into every digital platform for a few years now. But Google Cloud says that progress is so fast that by next year, AI won’t just support cybercriminals – it will run their operations.
“Threat actor use of AI is expected to transition decisively from the exception to the norm, noticeably transforming the cyber threat landscape,” said Google Cloud in the report.
“We anticipate that actors will fully leverage AI to enhance the speed, scope, and effectiveness of operations. <...> This includes social engineering, information operations, and malware development.”
Essentially, attackers are expected to automate entire campaigns, from writing code to sending phishing emails, using systems that learn and adapt on their own. These tools can imitate humans, exploit software, and rewrite their own malware in seconds.
Moreover, researchers anticipate threat actors will increasingly adopt agentic systems to streamline and scale attacks by automating steps across the attack lifecycle.
Finally, we may also begin to see other AI threats increasingly being discussed in security research, such as prompt injection where attackers manipulate AI into breaking its own safety rules, and direct targeting of the models themselves.
“This isn’t just a future threat – it’s a present danger, and we anticipate a significant rise in these attacks throughout 2026,” said the report, adding that as businesses integrate powerful AI models into daily operations perfect conditions for prompt injection attacks are created.
Social engineering – tricking targets instead of breaking systems – remains a top tactic. With AI, it’s harder to spot.
Google, though, explains that it is taking steps to defend against prompt injection. The multi-layered approach includes “model hardening along with system-level guardrails.”
These are, for instance, “machine learning content classifiers to filter malicious instructions from untrusted data, security thought reinforcement to keep the model focused on user intent, and strict output sanitization and user confirmation for high-risk actions.”
The Cybernews community is talking about this. Be a part of the conversation.
For now, though, social engineering – tricking targets instead of breaking systems – remains a top tactic. With AI, it’s harder to spot.
Groups like ShinyHunters (UNC6240) have been truly successful in 2025 by avoiding technical exploits and instead focusing on human weaknesses, particularly through voice phishing (vishing).
“Vishing is poised to incorporate AI-driven voice cloning to create hyperrealistic
impersonations, notably of executives or IT staff,” warns the report.
Threat actors have also found a new way to deliver ransomware by hiding malicious instructions in AI-generated content summaries. The target then executes a self-sabotaging command and is infected.
In 2026, the combination of ransomware, data theft, and multifaceted extortion will remain the most financially disruptive category of cybercrime globally, Google Cloud concludes.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked