China-Linked AI Tool CyberStrikeAI Used in Global Attacks

In March 2026, an unknown threat actor was discovered leveraging an artificial intelligence-native tool called CyberStrikeAI to conduct automated attacks on vulnerable Fortinet FortiGate appliances globally. According to Team Cymru, this followed earlier findings which revealed the attacker used generative AI services like Claude and DeepSeek to compromise over 600 devices in 55 countries.

The open-source platform is hosted on GitHub by a China-based developer using the alias Ed1s0nZ. However, its recent modifications to remove references to a government award suggest an effort to obscure state ties. Security researcher Will Thomas noted the developer has interacted with firms like Knownsec 404, which suffered a major leak exposing connections to Chinese state agencies.

Consequently, DomainTools analysis described Knownsec as a “state-aligned cyber contractor” supporting national security objectives. Meanwhile, Ed1s0nZ’s other published tools include ransomware, AI jailbreak prompts, and privilege escalation scanners.

The developer’s activities point to potential Chinese government connections. Thomas concluded that “the adoption of CyberStrikeAI is poised to accelerate, representing a concerning evolution in the proliferation of AI-augmented offensive security tools.”

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Core Scientific To Sell Remaining Bitcoin For AI Pivot
• MARA’s Bitcoin lending brings $32.1M income as policy shifts
• Hedera February 2026 Developer Highlights Released
• Milei’s Secret Blockchain Pact with LIBRA Creator Exposed
• US Bitcoin Miner MARA Considers Selling Holdings