What was designed as an AI-powered security solution has been hijacked by cybercriminals, enabling rapid exploitation of zero-day vulnerabilities. Check Point researchers have discovered that Hexstrike-AI, initially created to bolster company defenses through automated testing and analysis, is now being used for malicious purposes.
Almost immediately following its release, online discussions in dark web forums showed threat actors strategizing ways to weaponize the tool. This development is especially alarming considering Citrix recently disclosed three significant zero-day vulnerabilities affecting its NetScaler products. The convergence of these events creates a perfect storm for cyberattacks.
Hexstrike-AI’s key benefit is the drastic reduction in exploit time, now achieved in under 10 minutes, which effectively democratizes hacking. Now anyone can command the AI system to target platforms like NetScaler, and the tool will automatically identify the best attack vector and implement the attack.
Check Point advises organizations to immediately patch the NetScaler vulnerabilities, bolster defenses with their own AI-powered security systems, and proactively monitor conversations within the dark web. The speed and scale of the attacks, driven by AI, underscore the need for a new security paradigm.