Although 81 percent of companies use AI for cybersecurity, 94 percent fear that AI introduces new cyber risks.
This is according to research by Trend Micro. The reality of AI vulnerabilities became clear during the Pwn2Own event in Berlin. For the first time, AI frameworks were part of the hacking competition. The results were worrying: researchers discovered seven unique zero-day vulnerabilities in AI frameworks.
Twelve entries focused on four major AI frameworks, with the Nvidia Triton Inference Server receiving the most attention. Chroma, Redis, and the Nvidia Container Toolkit were also successfully exploited, sometimes with just one vulnerability leading to a complete compromise.
Widespread adoption and growing concerns
Trend Micro published research that reveals a remarkable paradox in the cybersecurity world. While organizations worldwide are embracing AI to strengthen their defenses, concerns about new attack vectors are growing.
The research shows that organizations primarily use AI for automated asset discovery, risk prioritization, and anomaly detection. For 42 percent of companies, AI and automation are at the top of the priority list for cybersecurity improvements.
Concrete security risks
These concerns are not unfounded. British companies cite AI-driven phishing and social engineering attacks (54 percent), exposure of sensitive data (41 percent), and the growth of shadow IT (38 percent) as the biggest risks.
Trend Micro’s CPO Rachel Jin warns that “attackers are just as eager to use AI for their own purposes, creating a rapidly changing threat landscape.”
Proactive approach needed
The findings emphasize that security must be built into AI systems from the outset. Trend Micro urges security leaders to proactively assess the risk landscape and integrate rigorous security practices into every phase of AI adoption.
Vendors now have 90 days to patch the vulnerabilities found before technical details are made public. This timeline follows standard responsible disclosure practices.
With AI becoming increasingly integrated into enterprise IT environments, balancing opportunities and risks is becoming a critical challenge for organizations worldwide.