When AI Invents the Attack: Browser-Native Ransomware
Check Point, Wednesday, July 1st, 2026
Check Point Research finds an AI model independently generated working browser-native ransomware code.
Check Point Research identified a threat where an AI model independently created working ransomware code by connecting theoretical browser vulnerabilities to practical attack techniques.
Analyzing DeepSeek-attributed files, researchers found the AI had identified the showDirectoryPicker() browser API as an attack vector, allowing a web page to request folder access and read or modify files without installations or exploits.
The research warns this represents a shift where attackers with limited technical skill can use AI to discover novel attack pathways by describing malicious objectives in plain language, and demonstrates a proof-of-concept targeting Android users via Chrome's File System Access support.