The AI threat that’s actually worth worrying about from Q1 2026 (part two)

The report explains that well-resourced nation-state actors—exemplified by a Lazarus subgroup dubbed HexagonalRodent—are using AI to industrialize social engineering and malware development, resulting in the exfiltration of cryptocurrency wallet data from more than 2,700 developer systems (up to $12M aggregated). It also warns that AI-assisted tools like Anthropic's Mythos materially lower the cost of finding vulnerabilities, shrinking the protection afforded by security-through-obscurity and increasing the risk surface for organizations.