Full Report
A view of the H1 2026 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.
Analysis Summary
# Industry News: ESET H1 2026 Threat Report Highlights AI-Driven Exploitation and Adaptive Social Engineering
## Summary
The ESET H1 2026 Threat Report reveals a significant shift in the cyber threat landscape, characterized by the weaponization of AI "skills" and the emergence of generative AI-integrated malware. Attackers are prioritizing scalability and flexibility, doubling down on adaptive social engineering tactics like "ClickFix" and record-breaking levels of QR code phishing (quishing).
## Key Details
- **Date:** July 08, 2026
- **Companies Involved:** ESET, Google (Gemini LLM referenced)
- **Category:** Market Analysis / Threat Intelligence
## The Story
The first half of 2026 marks a turning point where artificial intelligence has moved from a theoretical threat to a functional component of malware execution. ESET researchers identified **PromptSpy**, the first known Android malware to utilize Google’s Gemini AI within its execution flow to interpret UI elements and adapt to different device environments dynamically.
Simultaneously, the "AI Skills" ecosystem has become a massive new attack surface. ESET analyzed nearly 900,000 functional AI components, finding thousands of malicious instances designed to compromise AI agents. On the social engineering front, the "ClickFix" technique—utilizing fake browser and system errors—has surged by over 100% since late 2025. Traditional ransomware remains a dominant threat, bolstered by a library of over 100 "EDR killers" designed to neutralize security software before encryption begins.
## Business Impact
### For the Companies Involved
- **ESET:** Reinforces its position as a Tier-1 global research powerhouse by documenting first-of-its-kind AI malware (PromptSpy) and providing telemetry for the emerging "AI Skills" market.
### For Competitors
- **EDR/XDR Vendors:** The rising use of "EDR killers" puts immense pressure on security vendors to harden their agents against kernel-level and administrative-level termination attempts.
- **Mobile Security Providers:** The discovery of PromptSpy shifts the mobile threat narrative from static signature-based detection to the need for behavioral analysis of AI API calls.
### For Customers
- **Enterprises:** Increased risk of successful breaches via "quishing" (QR phishing), which bypasses traditional email gateways by shifting the attack to unmanaged mobile devices.
- **AI Adopters:** Organizations deploying AI agents must now audit the specific "skills" and third-party integrations those agents use to avoid data leakage or command injection.
### For the Market
- **The "Ransomware Paradox":** While activity remains high, fewer victims are paying ransoms. This suggests a maturing backup and recovery market, but may lead attackers to pivot toward more aggressive data extortion (leaking) rather than just encryption.
## Technical Implications
The introduction of **PromptSpy** signifies a move toward "logical" malware that doesn't rely on hardcoded paths. By using Gemini to "read" a screen, the malware can navigate apps it has never seen before, making it highly resilient to minor UI updates or different OS versions. Furthermore, the 100% growth in ClickFix detections shows that attackers are successfully exploiting the "technical illiteracy" gaps created by complex cloud and browser authentication workflows.
## Strategic Analysis
- **Market Positioning:** ESET is pivoting its messaging from traditional endpoint protection to **AI Ecosystem Security**, anticipating the need to protect the infrastructure *around* LLMs.
- **Competitive Advantage:** Early detection of AI-integrated malware gives ESET a first-mover advantage in developing heuristic models for LLM-based attacks.
- **Challenges:** The rapid growth of the "AI Skills" ecosystem (approaching 1 million components) makes manual curation impossible, requiring ESET to scale its own AI-driven detection to combat AI-driven threats.
## Industry Reactions
- **Analyst Opinions:** Market analysts note that the "quishing" surge highlights a critical blind spot in corporate BYOD (Bring Your Own Device) policies where mobile devices remain the weakest link.
- **Expert Commentary:** Security researchers emphasize that while LLM "guardrails" are slowing down some attackers, the PromptSpy case proves that creative API usage can bypass many safety filters.
## Future Outlook
- **Predictions:** Expect "AI Skill" poisoning to become a top-tier threat by 2027 as more businesses automate workflows via autonomous AI agents.
- **What to watch for:** The possible emergence of an "EDR-killer-as-a-service" market, where specialist groups sell only the tools needed to disable security software to other ransomware affiliates.
## For Security Professionals
- **Prioritize Mobile:** Ensure your phishing awareness programs include QR code samples; traditional desktop-centric training is no longer sufficient.
- **Harden EDR:** Consult with your security vendor regarding "Tamper Protection" settings to mitigate the 100+ known EDR killer variants documented by ESET.
- **Audit AI Integrations:** If your organization uses AI assistants (Co-pilots), begin auditing the third-party "skills" or "plugins" enabled within those environments.