CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 05, 2026

4 Critical Threats Where Attackers Have the Advantage

Dark Reading Archived Jun 05, 2026 ✓ Full text saved

Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.

Full text archived locally
✦ AI Summary · Claude Sonnet


    VULNERABILITIES & THREATS CYBER RISK APPLICATION SECURITY IDENTITY & ACCESS MANAGEMENT SECURITY NEWS 4 Critical Threats Where Attackers Have the Advantage Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections. Rob Wright,Senior News Director,Dark Reading June 4, 2026 4 Min Read SOURCE: TADAMICHI VIA GETTY IMAGES GARTNER SECURITY & RISK MANAGEMENT SUMMIT – National Harbor, Md. – Enterprise defenses for four critical threats are overmatched and in urgent need of improvement. That's according to several analysts who spoke at the Gartner Security and Risk Management Summit this week. In a session on Monday, John Watts, VP analyst at Gartner, highlighted deepfakes, software supply chain risks, prompt injections, and AI application compromises as the four most pressing threats for enterprises. These four threats ranked at the top of Gartner's 2026-27 ThreatScape chart, which contrasts threat actor signals against the effectiveness of the attack against enterprise defenses. And in these cases, "the attacker holds the advantage," Watts said, because organizations' security capabilities and current solutions aren't yet up to the task. Other Gartner analysts emphasized these threats across numerous sessions throughout the conference, urging enterprises to improve their security postures through additional controls and stronger policies. But that may be easier said than done. Related:With Complex Cloud Integrations, Small Errors Lead to Major Compromises Deepfakes and Software Supply Chain Risks There was a time not too long ago when AI's role in vishing or videoconferencing attacks was unclear. But that time is long past — deepfakes are "clearly a problem," Watts said. According to Gartner, 62% of organizations have been hit with some kind of deepfake attack involving social engineering or bypassing facial or voice recognition systems. In a Tuesday session, Zachary Smith, director analyst at Gartner, said that even if some deepfake detection technologies work today, the AI market is moving so fast that they may not work tomorrow. To that point, Smith urged organizations to apply a layered security approach with additional authentication requirements as well as tools to detect caller ID spoofing and SIM swapping. "You don't need to detect the deepfake to stop a deepfake attack," Smith said, explaining that a failed authentication check will thwart an attacker. Bryson Byrd, cybersecurity adviser at Huntress, tells Dark Reading that additional authentication measures are a must. "Multifactor authentication doesn't just apply to passwords. It's everything now," he says.   Gartner's 2026-27 ThreatScape chart has deepfakes, prompt injections, software supply chain risks and AI application compromises as the most pressing threats. SOURCE: Gartner Like deepfakes, supply chain attacks aren't new. However, the landscape has changed with automated worms like Shai-Hulud, which became a force multiplier for attackers looking to sweep up credentials and secrets and continue compromising repositories. In addition to the worms, organizations are struggling with securing their code on third-party platforms. While GitHub has introduced security features like secrets scanning, organizations sometimes skip over them and exposure sensitive data. Watts said "NPM is kind of a mess," even though some improvements have been made.  Related:Microsoft Issues Out-of-Band SharePoint Patch But organizations need to apply controls around their software and development environments, Watts added. Those controls include strong version-control policies, secrets scanning and management, and applying the principle of least privilege to CI/CD pipelines.  Prompt Injections and AI Application Compromises Prompt injections have been an ongoing problem for AI companies and their customers. But the threat is even more concerning with the massive growth of AI agents. Watts explained that threat actors can execute indirect injection attacks by planting malicious prompts in webpages, for example, and waiting for agents to read them. Watts cited data from Google that showed a 32% increase in indirect prompt injections attacks between November 2025 and February 2026. "The big issue is that as you get to agentic, autonomous AI, once the execution chain is poisoned, the whole thing goes downhill," he said. "You can't really recover from that." Watts said some security vendors that claim to focus on prompt injection security are merely looking for keywords typically featured in malicious prompts. "That's not going to work," he said. In another session on rogue AI agents, Dennis Xu, research vice president at Gartner, emphasized that there is no way to stop prompt injection and jailbreaking attacks 100% of the time, Related:Microsoft Exchange Zero-Day Under Attack, No Patch Available Instead of relying solely on third-party solutions, Watts encouraged organizations to use penetration testing and red teaming on their AI systems to find and address prompt injections. Last but not least, Watts flagged AI application compromises, which can stem from variety of sources. For example, Watts noted there were 2,130 AI-related CVEs disclosed in 2025, a nearly 35% year-over-year increase. Additionally, memory poisoning attacks and insecure resources and infrastructure can also lead to compromise. "As you build and scale your AI applications and get more out of AI, you're going to increase the attack surface," he said, which threat actors are counting on. It doesn't help matters when, for example, OpenClaw spreads like wildfire across the industry. The popular open source AI framework, which has had numerous critical vulnerabilities, has been deployed widely — and often insecurely — by many organizations since it was launched earlier this year. "Right now you can still run scans and find OpenClaw on the Internet with admin rights," Watts said. "You've got to make sure you've got some controls around how people are doing this stuff." About the Author Rob Wright Senior News Director, Dark Reading Rob Wright is a longtime reporter with more than 25 years of experience as a technology journalist. Prior to joining Dark Reading as senior news director, he spent more than a decade at TechTarget's SearchSecurity in various roles, including senior news director, executive editor and editorial director. Before that, he worked for several years at CRN, Tom's Hardware Guide, and VARBusiness Magazine covering a variety of technology beats and trends.  Prior to becoming a technology journalist in 2000, he worked as a weekly and daily newspaper reporter in Virginia, where he won three Virginia Press Association awards in 1998 and 1999. At TechTarget and Dark Reading, he has won several Azbee awards, including the 2026 National Silver Award for a series on vibe coding.  At Dark Reading, Rob currently covers security operations, cloud security, and Internet infrastructure. He has a keen interest in malvertising activity and the certificate authority industry, and has written extensively on both topics. He graduated from the University of Richmond in 1997 with a degree in journalism and English. A native of Massachusetts, he lives in the Boston area.  Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports How Organizations Are Managing Incident Response How Enterprises Are Developing Secure Applications Inside RSAC 2026: security leaders reveal the risks redefining your defense strategy Essential News & Insights from Black Hat USA 2025 How Enterprises Are Harnessing Emerging Technologies in Cybersecurity Access More Research Webinars The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack Defending in the Shadow Era: When the CVE Feed Goes Dark Building SecOps That Make the Most of Every Dollar AI-Powered Credential Security: Intelligence Without Exposure More Webinars You May Also Like VULNERABILITIES & THREATS Cheap Hardware Module Bypasses AMD, Intel Memory Encryption by Rob Wright NOV 25, 2025 VULNERABILITIES & THREATS Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs by Jai Vijayan, Contributing Writer NOV 11, 2025 VULNERABILITIES & THREATS Microsoft Issues Emergency Patch for Critical Windows Server Bug by Rob Wright OCT 24, 2025 VULNERABILITIES & THREATS 350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE by Nate Nelson, Contributing Writer JUL 11, 2025 Editor's Choice CYBERSECURITY OPERATIONS 20 Leaders Who Built the CISO Era: 2 Decades of Change byDark Reading Editorial Team MAY 12, 2026 41 MIN READ APPLICATION SECURITY It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight byJai Vijayan MAY 12, 2026 5 MIN READ CYBERATTACKS & DATA BREACHES Instructure Breach Exposes Schools' Vendor Dependence byAlexander Culafi MAY 6, 2026 4 MIN READ Want more Dark Reading stories in your Google search results? Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed TUESDAY, JUNE 23, 2026 1:00 PM EDT Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack THURS, JUNE 25, 2026, AT 1PM EST Defending in the Shadow Era: When the CVE Feed Goes Dark TUES, JUNE 16, 2026 AT 1PM EST Building SecOps That Make the Most of Every Dollar THURS, JULY 9, 2026 AT 1PM EST AI-Powered Credential Security: Intelligence Without Exposure WED, JUNE 17, 2026, AT 1PM EST More Webinars BLACK HAT USA | MANDALAY BAY, LAS VEGAS The premier cybersecurity event of the year returns to Mandalay Bay with a re‑engineered, six‑day program built to ignite innovation, push boundaries, and bring the global security community together like never before. Use code: DARKREADING to save $200 on a Briefings pass or $100 on a Business pass. GET YOUR PASS
    💬 Team Notes
    Article Info
    Source
    Dark Reading
    Category
    ◇ Industry News & Leadership
    Published
    Jun 05, 2026
    Archived
    Jun 05, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗