Artificial Intelligence-Powered Cyber Attacks in Europe: ENISA Issues Critical Warning

A new technical advisory report by ENISA highlights emerging cyber threat patterns resulting from the increasing use of artificial intelligence by threat actors.

Cyber Warfare in the Age of Artificial Intelligence: ENISA Releases New Threat Analysis The European Union Agency for Network and Information Security (ENISA) has published a technical advisory report on the secure use of package managers. The report focuses on protecting European organizations from threat actors that exploit artificial intelligence-powered security vulnerabilities and target software supply chain attacks.

The report was prepared in response to recent attacks that have compromised legitimate software infrastructure to infiltrate traditional security update channels. ENISA has shared with the public that the cyber threat landscape has undergone significant changes over the past few years, with notable increases in both the success rate of attacks per unit and the scale of operations targeting European targets.

State-sponsored actors linked to Russia and China are using large language models more actively to launch complex attack chains targeting defense industry subcontractors, energy companies, and government institutions. ENISA's technical advice includes making digital signature verification mandatory in package repositories, strengthening isolation mechanisms, and automatically detecting abnormal dependency update patterns indicative of supply chain attacks.

This bulletin is part of ENISA's security advisory series, which regularly publishes technical guidance documents for cybersecurity practitioners protecting Europe's critical infrastructure.