A Chinese Developer Just Open Sourced a One-Click AI Hacking Platform. It Already Hit 600 Firewalls.
CyberStrikeAI integrates 100+ security tools with an AI decision engine. Amazon detected it breaching FortiGate devices across 55 countries.
The AI Post newsroom — delivering AI news at the speed of intelligence.
Remember when hacking required skill? Those days are officially over.
A developer with documented ties to China's CNNVD (China National Vulnerability Database) has open sourced CyberStrikeAI, an AI-native offensive security platform built in Go that integrates over 100 security tools with an AI decision engine. The platform supports OpenAI-compatible models including GPT, Claude, and DeepSeek, and enables end-to-end automation from conversational commands to vulnerability discovery and attack-chain analysis.
Translation: you can tell it what to hack in plain English, and it figures out the rest.
Amazon's security team detected CyberStrikeAI being used to breach over 600 FortiGate firewall devices across 55 countries. The platform includes WebShell management, vulnerability tracking with severity scoring, multi-agent orchestration where a coordinator delegates to sub-agents, and a knowledge base with vector search for security expertise.
The Democratization of Cyberattacks
What makes CyberStrikeAI different from previous offensive tools is the AI layer. Traditional hacking tools require expertise to chain together. CyberStrikeAI's AI decision engine handles orchestration, tool selection, and attack-chain assembly. It even includes predefined "roles" like Penetration Testing, Web App Scanning, and CTF solving.
The platform is open source on GitHub, has an active Discord community, accepts WeChat Pay donations, and includes a Burp Suite plugin for integration with existing security workflows. This is not a proof of concept. This is production-grade offensive infrastructure.
Why This Should Terrify You
Two weeks ago, we reported that AI had made hacking nearly free, with Ledger's CTO warning the crypto industry was in panic mode. CyberStrikeAI is the proof. The barrier to entry for sophisticated cyberattacks just went from "years of experience" to "download this repo and type what you want."
The 600+ FortiGate breaches are not a demonstration. They are the opening act. Every unpatched device, every misconfigured firewall, every forgotten server is now vulnerable to anyone who can type a sentence. The cybersecurity industry has been warning about AI-powered attacks for years. The warning period is over.
CyberStrikeAI is publicly available on GitHub. Fortinet has not yet commented on the FortiGate breaches.