The Indian Computer Emergency Response Team, better known as CERT-In, has issued a high-severity advisory warning that frontier AI systems are rapidly acquiring cyber capabilities once associated with highly trained human attackers.
The advisory, numbered CIAD-2026-0020 and dated April 26, 2026, describes a significant increase in what it calls cyber capability maturity in emerging AI systems. These systems, it says, are now capable of autonomously discovering vulnerabilities in widely used software, analyzing source code, planning and chaining together multi-stage attacks, and simulating the compromise of enterprise networks from end to end.
That description marks an important shift in official tone. Indian cybersecurity advisories have often focused on malware families, exploited software flaws or infrastructure-specific warnings. This one is broader and more structural. It suggests that the next phase of cyber risk may not be defined by a single threat actor or one specific tool, but by a class of AI systems that can accelerate nearly every stage of offensive activity.
FCRF Returns With CDPO, Its Premier Data Protection Certification for Privacy Professionals
The advisory, issued under the leadership of Dr. Sanjay Bahl (DG, CERT-In), says these activities can now be performed at a speed and scale that previously required teams of skilled experts. That point, more than any individual example, explains the seriousness of the warning. It is not merely the existence of capability that concerns defenders. It is the prospect of its automation.
From Reconnaissance to Phishing, the Attack Cycle Speeds Up
CERT-In’s list of frontier AI capabilities reads less like a speculative forecast than like a map of the modern intrusion cycle.
The advisory warns that such models may be capable of large-scale software analysis for both known and zero-day vulnerabilities across extensive codebases. They may accelerate exploit development, including proof-of-concept generation for newly disclosed flaws. They may automate reconnaissance across internet-facing infrastructure, APIs, cloud services and enterprise attack surfaces. And they may assist in credential harvesting, attack-path discovery and multi-stage attack orchestration, including privilege escalation and lateral movement planning.
Particularly striking is the warning on AI-generated phishing and impersonation attacks, including highly convincing multilingual social-engineering content. This brings the threat down from the level of critical infrastructure and enterprise systems to ordinary employees and citizens. If phishing becomes cheaper, faster and more believable, the consequences are unlikely to remain confined to large institutions.
The advisory also flags rapid weaponization of vulnerabilities and adaptive exploitation workflows, suggesting that newly disclosed flaws may be operationalized within hours rather than days or weeks. In practice, that compresses the defensive window. Patch management becomes more urgent. Monitoring must become more continuous. Delayed response begins to look less like a weakness and more like an invitation.
The Risk Is Not Just Technical, but Systemic
CERT-In’s risk and impact assessments are notable for how wide a field they cover.
The agency warns of a heightened risk of automated, multi-stage and low-cost reconnaissance, vulnerability exploitation, credential compromise and social-engineering campaigns targeting inadequately secured systems, services and individuals. It lists potential impacts that include unauthorized access, service disruption, data exfiltration, identity compromise, financial fraud, impersonation, persistent compromise of operational environments and cascading compromise of interconnected systems and services.
That language matters because it frames frontier AI as a systemic risk rather than a narrow cybersecurity niche. The warning is not only about breached networks. It is also about fraudulent identities, compromised financial systems, deepfake-enabled deception, operational paralysis and the fragility of connected digital ecosystems.
CERT-In appears to be drawing a line between two eras of cyber defense. In the older one, many attacks were still constrained by attacker bandwidth, technical competence and labor. In the newer one, AI may begin to dissolve those constraints. A less skilled actor may gain access to tools that make complex attack chains easier to identify and execute. A sophisticated actor may become dramatically faster.
The advisory acknowledges the dual-use nature of the technology. It notes that such systems hold promise for defensive applications. But it argues that the same capabilities could lower the barrier to entry for malicious cyber actors, accelerate attack execution, automate exploitation workflows and scale campaigns in ways that make existing defensive assumptions obsolete.
FCRF Returns With CDPO, Its Premier Data Protection Certification for Privacy Professionals
A New Defensive Burden Falls on Companies, MSMEs and Individuals
The advisory’s recommendations are extensive, but their underlying logic is simple: baseline security is no longer enough unless it is rigorously enforced and adapted to the speed of AI-driven threats.
For organizations, CERT-In calls for heightened vigilance, more frequent monitoring, tighter review of internet-exposed assets, stronger detection for rapid automated scanning and abnormal access patterns, DDoS protection, faster reaction to critical vulnerabilities, and continuous action on threat intelligence feeds and alerts. It pushes strongly for Zero Trust Network Architecture, including stricter access control, multi-factor authentication, geo and IP-based restrictions, micro-segmentation, hardening of legacy remote access systems and reduction of public exposure for production systems.
On patching and vulnerability management, the agency argues for a faster and more automated approach. Critical patches for internet-facing systems, web browsers and operating systems, it says, should be treated as urgent and applied within 24 hours where possible. It also recommends cloud and container misconfiguration checks, supply chain discipline, and tracking bills of materials for software, hardware, AI, quantum computing and cryptographic requirements.
For manpower and incident response, the advisory makes another important move: it shifts attention from tools alone to preparedness. It urges organizations to train teams on AI-augmented attacker behavior, conduct phishing simulations that account for AI-generated voice, text and video lures, build internal AI security communities, run external AI red teaming exercises, and update incident response and cyber crisis plans for large-scale and accelerated attack scenarios. It even recommends tabletop exercises for five simultaneous incidents rather than one, explicitly modeling AI-driven scenarios.
The advisory also devotes substantial attention to MSMEs and individual users, an acknowledgment that AI-enabled cyber risk will not stop at the perimeter of large enterprises. Smaller firms are asked to lean on cost-effective but disciplined controls such as managed security services, MFA, patching, backup testing, phishing filters, monitored logs and structured breach response. Individuals are warned to update devices regularly, avoid unverified apps and files, use strong and unique passwords, verify suspicious calls and messages, distrust AI-generated urgency, avoid public Wi-Fi for sensitive transactions, and remain skeptical of offers that seem too good to be true.
Taken together, the document suggests that India’s cyber authorities are beginning to view frontier AI not as a distant policy debate but as an operational threat that touches everyone in the digital economy. The advisory does not claim that this future is coming. It assumes that, in important ways, it has already arrived.
