AI’s Enterprise Boom Exposes Alarming Security Rifts

Zscaler's ThreatLabz 2026 AI Security Report finds a 91% surge in enterprise AI activity, more than 18,000 TB of data sent to AI tools, and critical flaws in 100% of tested enterprise AI systems, most compromised in 16 minutes, demanding a Zero Trust overhaul.
Written by Corey Blackwell

Artificial intelligence has cemented itself as the backbone of corporate operations, propelling productivity while unleashing unprecedented cyber vulnerabilities. Zscaler’s ThreatLabz 2026 AI Security Report, analyzing nearly one trillion AI and machine learning transactions from about 9,000 organizations across the Zscaler Zero Trust Exchange in 2025, reveals a stark disconnect: AI activity surged 91% year-over-year, spanning more than 3,400 applications—nearly quadruple the prior year—yet governance lags dangerously behind. “Artificial intelligence and machine learning (AI/ML) are no longer emerging capabilities inside enterprise environments. In 2025, they became a persistent operating layer for how work gets done,” writes Deepen Desai, Zscaler’s EVP and Chief Security Officer, in a Security Boulevard analysis.

Data transfers to these AI tools exploded 93% to over 18,000 terabytes, channeling sensitive information like Social Security numbers, source code, and medical records through high-risk pathways. ChatGPT alone triggered 410 million Data Loss Prevention violations, underscoring how AI conduits amplify exposure. Enterprises blocked 39% of AI/ML access attempts amid unresolved risks, but such measures often push users toward shadow IT with zero oversight, as noted in the report detailed by GlobeNewswire.

Top Tools Drive Productivity, Data Perils

Usage clusters around workflow-embedded powerhouses: Grammarly for writing, ChatGPT for queries, Microsoft Copilot for collaboration, and Codeium for coding. These apps, handling peak sensitive data volumes, link AI gains directly to data hazards. “The same applications driving productivity gains from writing/editing to translating/coding – are often the ones handling the highest volumes of sensitive enterprise data,” per the Security Boulevard post. Finance & Insurance led with 23.3% of activity, followed by Manufacturing at 19.5%, tailoring risks to sector-specific compliance burdens.

Blocking persists—39% of attempts thwarted—yet every tested enterprise AI system crumbled under adversarial tests. “Blocking may reduce exposure, but it does not stop AI-driven work. Users often shift to unsanctioned alternatives,” the report cautions. This cat-and-mouse dynamic forces a pivot from prohibition to “safe enablement,” blending granular controls with inline prompt inspection.

Sector Splits Amplify Uneven Risks

Adoption disparities sharpen threats: services like finance grapple with regulated data flows, while manufacturing faces operational technology blind spots. ThreatLabz case studies expose adversaries wielding generative AI for social engineering, fake personas, evasion, and malware crafting, accelerating attack chains without reinventing them. “Threat actors are using AI to support initial access, social engineering, evasion, and malware development, making malicious activity harder to distinguish from legitimate use,” Desai observes.

Red-team simulations paint a dire picture: 100% of enterprise AI systems harbored critical flaws, with most compromised in 16 minutes and 90% in under 90 minutes. Help Net Security reports that Zscaler experts confirmed these machine-speed breaches, as AI traffic increasingly moves over non-human protocols that evade legacy tools. Agentic AI looms larger, automating everything from reconnaissance to lateral movement for nation-states and cybercriminals alike.

Embedded AI’s Stealthy Expansion

Beyond standalone apps, AI lurks in SaaS backends—activating by default, slurping data invisibly. “Not all enterprise AI shows up as standalone generative AI usage. Increasingly, AI operates through embedded features built into everyday SaaS applications,” the report highlights via Security Boulevard. This “hidden” sprawl demands AI-BOM inventories, vulnerability scans, and defenses against prompt injection or data poisoning.

Zscaler’s response: an AI Security Suite for asset visibility, secure access via prompt/response scrutiny, and infrastructure hardening, aligned to NIST and the EU AI Act. StockTitan notes the 410 million ChatGPT DLP infractions as an urgent call for governance, with repositories ripe for espionage. On X, Zscaler posted: “100% of enterprise AI systems tested were vulnerable, hackable in 16 mins.”

Attackers Weaponize AI at Scale

Threat actors exploit AI across chains: initial footholds via engineered lures, evasion through polymorphic code, malware via auto-generation. GlobeNewswire warns of agentic AI automating full assaults, compressing timelines defenders can’t match humanly. “As more evidence of AI-driven attacks by cybercriminals and nation-state espionage groups is uncovered, ThreatLabz warns autonomous and semi-autonomous ‘agentic’ AI will increasingly automate cyberattacks,” per the press release.

Yahoo Finance ties Zscaler’s unveiling to a 6.5% stock jump, positioning Zero Trust as AI’s safeguard amid sprawl. Infosecurity Magazine echoes: critical flaws in every system analyzed, per X discussions. Enterprises must enforce least privilege, red-team relentlessly, and monitor embedded features to contain these risks.

Governance Imperatives for 2026

Forward paths: inventory AI models and supply chains, inspect all flows, fortify pipelines. “The long-term goal is safe enablement, allowing organizations to support AI use while managing risk consistently,” Desai urges. With AI as the default accelerator, boards are elevating oversight, bridging the gap between innovation and security before breaches cascade at machine pace.
