UPDATED 08:00 EST / DECEMBER 16 2025

Palo Alto Networks warns that AI is driving a surge in cloud security risks

Artificial intelligence dominated tech news through 2025 and, not surprisingly, it also became a prominent driver of increased security risk, according to a new report out today from Palo Alto Networks Inc.

Palo Alto Networks' State of Cloud Security Report 2025 draws on survey data from more than 2,800 security and technology leaders worldwide and analysis from its Unit 42 threat research team. It details a sharp escalation in security risk driven by AI as defenders struggle to keep pace with the speed and complexity of modern attacks.

The report explains how cloud environments now sit at the center of the threat landscape and how development velocity has also continued to accelerate, with more than half of surveyed organizations deploying new or updated code to production at least weekly. The high-frequency release cycle is shrinking the window for security teams to identify and remediate risk before systems are exposed.

Added to the mix is AI, which has become a major force multiplier on both sides of the security equation. The report finds that 99% of organizations now use generative AI tools to assist with software development, dramatically increasing the volume of code flowing through cloud pipelines.

While AI has boosted productivity, it has also introduced new classes of risk, including insecure configurations, vulnerable application programming interfaces and prompt-based attack techniques that outpace traditional application security controls.

The report details that AI risk is no longer theoretical, as nearly all respondents reported experiencing at least one attack on AI systems over the past year. Common attack paths included data exfiltration through AI assistants or plugins, abuse of model endpoints and compromised credentials.

The Unit 42 researchers also documented emerging techniques such as agent-to-agent attack chains and advanced prompt injection that expand the effective attack surface beyond traditional infrastructure.

With the rise of AI, APIs have emerged as a particularly acute pressure point. The report found a 41% year-over-year increase in API attacks, the steepest rise of any threat vector measured.

The issue with APIs is directly related to AI, as AI agents increasingly rely on APIs to interact with cloud services and external systems. Misconfigurations and identity weaknesses within continuous integration/continuous deployment, or CI/CD, pipelines are giving attackers new opportunities to gain access at large scale.

Outside specific AI risks, the report notes that identity and access management remains a persistent weak link, with more than half of organizations citing overly permissive IAM practices as a top cloud security challenge.

Data exfiltration was found to be increasingly driven by legitimate-looking activity, such as software-as-a-service synchronization and external sharing, rather than overt exploits, making detection more difficult. Incident response capabilities were also found to be strained: while most organizations can detect and contain threats within 24 hours, resolution frequently lags.

The report recommends strengthening security earlier in the development lifecycle by optimizing pre-deployment controls and reducing fragmentation across incident response workflows. Organizations are urged to implement context-aware security gates directly inside CI/CD pipelines that prioritize exploitability and business impact.

The report also recommends elevating identity, permissions and automation to tier-one priorities as cloud and AI adoption accelerates. Organizations are advised to enforce granular least-privilege access, improve secret management and move away from manual data discovery.
