
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Bitdefender's 2026 Cybersecurity Assessment Report reveals that organizations worldwide, including Singapore and the U.S., face increasing harm from AI-driven attacks such as self-mutating malware, social engineering, and data leaks via large language models. Many organizations lack full visibility into employee AI use, leading to significant breaches and underreporting incidents.[AI generated]
Why's our monitor labelling this an incident or hazard?
The article explicitly states that 59.2% of respondents experienced AI-driven social engineering attacks in the past 12 months, indicating realized harm. It also mentions financial or data loss due to business email compromise (BEC) and ransomware, some of which are AI-driven. The AI systems involved are large language models and AI tools used by attackers to generate malware, deepfakes, and evasion techniques. This fits the definition of an AI Incident as the AI system's use has directly led to harm (financial loss, data breaches, harm to organizations). The article does not merely warn of potential future harm but reports ongoing incidents and their impacts, excluding classification as an AI Hazard or Complementary Information.[AI generated]