The 5 generative AI security threats you need to know about detailed in new e-book
2025-10-30 18:0:0 Author: www.microsoft.com

Generative AI is reshaping the way security teams operate—accelerating threat detection, automating workflows, and enabling scale. But as defenders embrace AI to strengthen their posture, cyberattackers are doing the same to evolve faster than traditional defenses can adapt. Microsoft’s 2025 Digital Threats Report revealed that cyberattackers like Russia, China, Iran, and North Korea have more than doubled their use of AI to mount cyberattacks and spread disinformation. AI is now used to translate phishing emails into fluent English, generate deepfake videos of executives, and automate malware that adapts in real time to evade detection.1

The shift is already underway:

  • 66% of organizations are developing or planning to develop custom generative AI applications.2
  • 88% of organizations are somewhat or extremely concerned about indirect prompt injection attacks.3
  • 80% of business leaders cite sensitive data leakage via AI as a top concern.4

To help organizations navigate this new landscape, Microsoft has published a new guide, titled 5 Generative AI Security Threats You Must Know About. In this blog post, we’ll highlight the key themes covered in the e-book, including the challenges organizations face, the top generative AI threats to organizations, and how companies can enhance their security posture to meet the dangers of today’s unpredictable AI environments.

Security leaders face urgent challenges

As generative AI becomes embedded in enterprise workflows, security leaders face a new set of challenges that demand a shift in strategy. These aren’t just technical hurdles; they’re architectural, behavioral, and operational risks that require a broader, unified approach to security.

  • Cloud vulnerabilities
    Most generative AI applications are cloud-based, which means cyberattackers can exploit weaknesses in the model, app, or infrastructure to move laterally and compromise sensitive data or model integrity.
  • Data exposure risks
    GenAI thrives on large datasets—but that scale also makes it a prime target. Security teams must contend with the risk of data leakage and the complexity of enforcing governance across sprawling environments.
  • Unpredictable model behavior
    Generative AI models don’t always behave predictably. The same input can yield different outputs, making it difficult to anticipate how models will respond to malicious prompts or manipulation. This opens the door to prompt injection attacks and AI agent abuse.

These foundational risks set the stage for an even more pressing reality: as generative AI scales, cyberattackers are exploiting its unique weaknesses in ways that demand security leaders’ immediate attention—starting with the top cyberthreats you need to watch.

Figure 1. Slide showing the risks, attack surfaces and threat vectors of generative AI.

Critical generative AI threats to watch

Generative AI introduces a new class of cyberthreats that go beyond traditional cloud vulnerabilities, targeting the very architecture and behavior of AI systems. These risks aren’t simply technical—they challenge the trust, integrity, and resilience of models that organizations increasingly rely on. Cyberattackers are finding creative ways to exploit the data-driven nature of AI, turning its strengths into weaknesses that demand fresh strategies and defenses.

Among the most critical cyberthreats are poisoning attacks, where cyberattackers manipulate training data to skew outputs and erode accuracy. Evasion attacks take a different route, using obfuscation or jailbreak prompts to slip harmful content past AI filters. And perhaps most insidious are prompt injection attacks—carefully crafted inputs that override original instructions, steering models toward unintended or malicious actions. These cyberthreats and more underscore why security leaders must rethink traditional approaches and build AI-specific safeguards. For a deeper dive into critical threats and practical guidance on mitigation, read the full Microsoft guide: 5 Generative AI Security Threats You Must Know About.

Building a proactive defense for AI and multicloud environments

Modern cybersecurity requires a holistic approach that correlates signals across applications, infrastructure, and user behavior. In the e-book, we explore how cloud-native application protection platforms (CNAPP) simplify this complexity by unifying tools like cloud security posture management (CSPM), cloud infrastructure entitlement management (CIEM), and cloud workload protection platform (CWPP) into a single platform. By stitching together identity data, storage logs, code vulnerabilities, and internet exposure, CNAPP provides security teams with full context to detect and remediate cyberthreats faster. This integrated view is critical as generative AI introduces unpredictable behaviors, making traditional siloed defenses insufficient.

Microsoft Defender for Cloud exemplifies this proactive model by delivering end-to-end AI security across development and runtime. It scans code repositories for misconfigurations, monitors container images for vulnerabilities, and continuously maps attack paths to sensitive assets. In runtime, Defender for Cloud detects AI-specific threats such as jailbreak attacks, credential theft, and data leakage—leveraging more than 100 trillion daily signals from Microsoft Threat Intelligence.2 By combining posture management with real-time threat protection, organizations can secure generative AI workloads and maintain trust in an evolving cyberthreat landscape. 

Redefining security for the generative AI era

As generative AI becomes foundational, security leaders must evolve their strategies. Microsoft helps organizations unify security and governance across the full cloud and AI app lifecycle. With comprehensive visibility, proactive risk prioritization, and real-time detection and response, Microsoft protects your modern cloud and AI assets from code to runtime—while helping you comply with evolving regulations and standards. 

Organizations like Icertis are already taking action.

Microsoft Defender for Cloud emerged as our natural choice for the first line of defense against AI-related threats. It meticulously evaluates the security of our Azure OpenAI deployments, monitors usage patterns, and promptly alerts us to potential threats. These capabilities empower our Security Operations Center (SOC) teams to make more informed decisions based on AI detections, ensuring that our AI-[powered] contract management remains secure, reliable, and ahead of emerging threats.

—Subodh Patil, Principal Cyber Security Architect, Icertis

Generative AI is transforming cybersecurity—empowering defenders while giving cyberattackers new tools to scale phishing, deepfakes, and adaptive malware. To understand the top AI-powered cyberthreats and how to mitigate them, get the e-book: 5 Generative AI Security Threats You Must Know About.

Learn more with Microsoft Security

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.


1 Microsoft Digital Defense Report 2025

2 Accelerate AI transformation with strong security: The path to securely embracing AI adoption in your organization, Microsoft Security.

3 If your org’s using any virtual assistants with AI capabilities, are you concerned about indirect prompt injection attacks?

4 THE NEXT ERA OF CLOUD SECURITY: Cloud-Native Application Protection Platform and Beyond, Doc. #US53297125, April 2025


Source: https://www.microsoft.com/en-us/security/blog/2025/10/30/the-5-generative-ai-security-threats-you-need-to-know-about-detailed-in-new-e-book/