Data Breach TodayArchived Jun 08, 2026✓ Full text saved
Ray Canzanese of Netskope Threat Labs on AI-Generated Threats and Supply Chain Risk Attackers are using multi-model artificial intelligence harnesses to generate malware on the fly, with no malicious code ever shipped to a victim's machine. Ray Canzanese of Netskope Threat Labs breaks down why defenders must now inspect AI traffic, not just block it.
Full text archived locally
✦ AI Summary· Claude Sonnet
Why AI Is Making Malware Harder to Detect
Ray Canzanese of Netskope Threat Labs on AI-Generated Threats and Supply Chain Risk
Mathew J. Schwartz (euroinfosec) • June 8, 2026
Credit Eligible
Get Permission
Ray Canzanese, director, Netskope Threat Labs
Attackers no longer need to ship malicious code to compromise a target - they can build it on the fly using artificial intelligence. Defenders must now inspect AI conversations and agent traffic, not just apply allow-block policies, said Ray Canzanese, director of Netskope Threat Labs.
See Also: AI Impersonation Is the New Arms Race-Is Your Workforce Ready?
"A lot of this stuff is just a matter of the machine doing whatever it feels like. Get the human in the loop and say, 'This is what's happening,'" he said.
Canzanese described a proof of concept in which researchers delivered prompts and harness logic to a victim's machine, and malware was synthesized in real time. No single model produced working code, but the combination yielded functional ransomware. "It all came from OpenAI and Anthropic and all of these big vendors, and then was synthesized together into something malicious," he said.
In this video interview with ISMG at Infosecurity Europe 2026, Canzanese also discussed:
The surge in malicious PyPI and npm packages and why AI-generated code raises supply chain risk;
The return of fake installers and the growing threat of ClickFix attacks;
Why staying vendor-agnostic and version-pinning dependencies are essential defenses today.
Canzanese has expertise in software anti-tamper, malware detection and classification, cloud security, sequential detection, and machine learning. He provides cloud-enabled enterprises the knowledge and tools required to protect themselves. Before joining Netskope, he was CTO at Sift Security, acquired by Netskope.