How AI is reshaping the threat landscape, and what our Q1 2026 data shows (part one)

AI is not producing new attack primitives but is being abused as bait and a delivery vehicle in Q1 2026: ChatGPT Stealer (malicious browser extensions) and InstallFix (fake install pages/ClickFix) dominated incidents, ClickFix-based social-engineering overtook binary execution as the top delivery method (43.7%), browser extensions and credential weaponization rose, macOS infostealers gained prominence, and an Axios npm supply-chain compromise produced measurable cloud impact.