A newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a campaign that breached hundreds of Fortinet FortiGate firewalls. The platform integrates numerous security tools with AI agents, enabling automated attacks and lowering the barrier for complex network exploitation. Researchers warn such AI-native orchestration engines could accelerate automated targeting of exposed edge devices. The developer of CyberStrikeAI has links to other AI-assisted security tools and has interacted with organizations previously linked to Chinese government–affiliated cyber operations.
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls.
Last month, BleepingComputer reported on an AI-assisted hacking operation that compromised more than 500 FortiGate devices in five weeks. The threat actor behind this campaign used multiple servers, including a web server at 212.11.64[.]250.
In a new report, Senior Threat Intel Advisor for Team Cymru, Will Thomas (aka BushidoToken), says that the same IP address was observed running the relatively new CyberStrikeAI AI-powered security testing platform.
Analyzing NetFlow data, Team Cymru identified a "CyberStrikeAI" service banner running on port 8080 on 212.11.64[.]250 and saw network communications between that IP and Fortinet FortiGate devices the threat actor targeted. The FortiGate campaign infrastructure was last seen running CyberStrikeAI on January 30, 2026.
CyberStrikeAI's GitHub repository describes itself as an "AI-native security testing platform built in Go" that integrates over 100 security tools, an intelligent orchestration engine, predefined security roles, and a skills system.
"Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization—delivering an auditable, traceable, and collaborative testing environment for security teams," reads the project description. The tool includes an AI decision engine compatible with models such as GPT, Claude, and DeepSeek, a password-protected web UI with audit logging and SQLite persistence, and a dashboard for vulnerability management, task orchestration, and attack-chain visualization.
Its tooling allows it to conduct a full attack chain, including network scanning (nmap, masscan), web and application testing (sqlmap, nikto, gobuster), exploitation frameworks (metasploit, pwntools), password cracking tools (hashcat, john), and post-exploitation frameworks (mimikatz, bloodhound, impacket).
By combining these tools with AI agents and an orchestrator, CyberStrikeAI enables operators, even low-skilled ones, to automate attacks against targets. Team Cymru warns that AI-native orchestration engines like this could accelerate automated targeting of exposed edge devices, including firewalls and VPN appliances.
The researchers say they observed 21 unique IP addresses running CyberStrikeAI between January 20 and February 26, 2026, with servers primarily hosted in China, Singapore, and Hong Kong. Additional infrastructure was spotted in the United States, Japan, and Europe.
"As adversaries increasingly embrace AI-native orchestration engines, we expect to see a rise in automated, AI-driven targeting of vulnerable edge devices, similar to the observed reconnaissance and targeting of Fortinet FortiGate appliances," explains Thomas.
"In the near future, defenders must be prepared for an environment where tools like CyberStrikeAI, alongside the developer's other AI-assisted privilege escalation projects like PrivHunterAI and InfiltrateX, significantly lower the barrier to entry for complex network exploitation."
The researchers also examined the profile of the CyberStrikeAI developer, who goes by the alias "Ed1s0nZ."
Based on public repositories linked to the account, the developer has worked on additional AI-assisted security tools, including PrivHunterAI, which uses AI models to detect privilege escalation vulnerabilities, and InfiltrateX, a privilege escalation scanning tool.
According to Team Cymru, the developer's GitHub activity shows interactions with organizations previously linked to Chinese government–affiliated cyber operations.
In December 2025, the developer shared CyberStrikeAI with Knownsec 404's "Starlink Project." Knownsec is a Chinese cybersecurity firm with alleged links to the Chinese government.
On January 5, 2026, the developer mentioned receiving a "CNNVD 2024 Vulnerability Reward Program – Level 2 Contribution Award" on their GitHub profile.
The China National Vulnerability Database (CNNVD) is believed to be operated by China's intelligence community, which allegedly uses it to identify vulnerabilities for its operations. Team Cymru says the reference to CNNVD was later removed from the developer's profile.
The developer's GitHub repositories are primarily written in Chinese, suggesting they are a Chinese-speaking developer, and interaction with domestic cybersecurity organizations would not necessarily be unusual.
These new AI-powered cybersecurity tools continue to demonstrate how commercial AI services are increasingly used by threat actors to automate their attacks while, at the same time, lowering the barrier to entry.
Last month, Google also reported that threat actors are abusing Gemini AI across all stages of cyberattacks, empowering the abilities of threat actors of all skill levels.
Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
Meridiano
