Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries  Ravie Lakshmanan  Mar 03, 2026 Vulnerability / Artificial Intelligence The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address ("212.11.64[.]250") that was used by the suspected Russian-speaking threat actor to conduct automated mass scanning for vulnerable appliances. CyberStrikeAI is an "open-source artificial intelligence (AI) offensive security tool (OST) developed by a China-based developer who we assess has some ties to the Chinese government," security researcher Will Thomas (aka @BushidoToken ) said . Details of the AI-powered activity came to light last month when Amazon Threat Intelligence said it detected the unknown attacker systematically targeting FortiGate devices using generative artificial intelligence (AI) services like Anthropic Claude and DeepSeek, compromising over 600 appliances in 55 countries. According to the description in its GitHub repository, CyberStrikeAI is built in Go and integrates more than 100 security tools to enable vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization. It's maintained by a Chinese developer who goes by the online alias Ed1s0nZ. Team Cymru said it observed 21 unique IP addresses running CyberStrikeAI between January 20 and February 26, 2026, with servers primarily hosted in China, Singapore, and Hong Kong. Additional servers related to the tool have been detected in the U.S., Japan, and Switzerland. The Ed1s0nZ account, besides hosting CyberStrikeAI, has published several other tools that demonstrate their interest in exploitation and jailbreaking AI models - watermark-tool, to add invisible digital watermarks to documents. banana_blackmail, a Golang-based ransomware, PrivHunterAI, a Golang-based tool that uses Kimi, DeepSeek, and GPT models to detect privilege escalation vulnerabilities. ChatGPTJailbreak, which contains a README.md file with prompts to jailbreak OpenAI ChatGPT by tricking it into entering a Do Anything Now (DAN) mode or asking it to act as ChatGPT with Developer Mode enabled. InfiltrateX, a Golang-based scanner for detecting privilege escalation vulnerabilities. VigilantEye, a Golang-based tool that monitors the disclosure of sensitive information, such as phone numbers and ID card numbers, in databases. It's configured to send an alert via a WeChat Work bot if a potential data breach is detected. "Further, Ed1s0nZ's GitHub activities indicate they interact with organisations that support potentially Chinese government state-sponsored cyber operations," Thomas said. "This includes Chinese private sector firms that have known ties to the Chinese Ministry of State Security (MSS)." One such company the developer has interacted with is Knownsec 404 , a Chinese security vendor that suffered a major leak of more than 12,000 internal documents late last year, exposing the firm's employee data, government clientele, hacking tools, large volumes of stolen data such as South Korean call logs and information related to Taiwan's critical infrastructure organizations, and the inner workings of ongoing cyber operations targeting other countries. "Ostensibly, KnownSec appeared to be just another security company, but this is only a half truth," DomainTools noted in an analysis published this January, describing it as a "state-aligned cyber contractor" capable of supporting Chinese national security, intelligence, and military objectives. "In reality, [...] it has a shadow organization that works for the PLA, MSS, and the organs of the Chinese security state. This leak exposes a company that operates far beyond the role of a typical cybersecurity vendor. Tools like ZoomEye and the Critical Infrastructure Target Library give China a global reconnaissance system that catalogs millions of foreign IPs, domains, and organizations mapped by sector, geography, and strategic value." Ed1s0nZ has also been observed making active modifications to a README.md file located in an eponymous repository, removing references to them having been honored with the Level 2 Contribution Award to the China National Vulnerability Database of Information Security (CNNVD). The developer has also claimed that "everything shared here is purely for research and learning." According to research published by Bitsight last month, China maintains two different vulnerability databases: CNNVD and the Chinese National Vulnerability Database (CNVD). While CNNVD is overseen by the Ministry of State Security, CNVD is controlled by CNCERT. Previous findings from Recorded Future have revealed that CNNVD takes longer to publish vulnerabilities with higher CVSS scores than vulnerabilities with lower ones. "The developer's recent attempt to scrub references to the CNNVD from their GitHub profile points to an active effort to obscure these state ties, likely to protect the tool's operational viability as its popularity grows," Thomas said. "The adoption of CyberStrikeAI is poised to accelerate, representing a concerning evolution in the proliferation of AI-augmented offensive security tools." Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post. SHARE      Tweet  Share  Share  Share   Share on Facebook  Share on Twitter  Share on Linkedin  Share on Reddit  Share on Hacker News  Share on Email  Share on WhatsApp Share on Facebook Messenger  Share on Telegram SHARE  artificial intelligence , cybersecurity , Fortinet , Malware , network security , ransomware , Threat Intelligence , Vulnerability Trending News Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies ⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware and More ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit and 15+ Stories Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem How Exposed Endpoints Increase Risk Across LLM Infrastructure Popular Resources 100+ Domains Multiply Attack Risk 6× - Download the CTEM Divide Research Boost SOC Efficiency with AI-Guided Triage — Download Investigator Overview Silent Residency Is the New Threat Model — Download the Red Report Exposed Cloud Training Apps Are Letting Hackers In — Download the Research