New evidence that hackers are leveraging artificial intelligence to execute sophisticated attacks has strengthened the investment case for cybersecurity companies, signaling that corporate spending on digital defense will remain mission-critical as threat complexity accelerates.
The Google Threat Intelligence Group reported this week that a threat actor used an AI-developed zero-day exploit designed to circumvent two-factor authentication—the first documented instance of adversaries using AI to automate vulnerabilities, phishing campaigns, and malware development at this scale. This development underscores a fundamental shift in the threat landscape: AI is lowering the barrier to entry for sophisticated attacks while simultaneously expanding the surface area companies must defend.
The market implications are substantial. Rather than reducing cybersecurity costs through automation, as some investors theorized, the proliferation of AI-enabled attacks appears to be driving increased demand for advanced defensive platforms. This dynamic positions AI-native cybersecurity companies like CrowdStrike and Palo Alto Networks as essential infrastructure investments for enterprises navigating an increasingly complex threat environment.
The Threat Landscape Expands
Google's findings arrive at a critical juncture for the cybersecurity industry. Investors spent the past year debating whether AI could eventually reduce cyber costs by automating defensive solutions. Instead, the evidence suggests the opposite: AI is lowering the barrier to entry for sophisticated attacks while the advent of companies adding AI agents exponentially increases points of vulnerability.
Barclays, in a Monday research note to investors, wrote that hackers are increasingly using large language models to find and exploit vulnerabilities, a trend that "will only accelerate with more advanced AI models." The analysts predicted that security vendors could start to see "real revenue opportunity" this year from safeguarding against AI-driven attacks. Barclays added, "This could only drive more spending on cybersecurity," suggesting that the increased sophistication of threats will translate into higher corporate security budgets.
Google researchers characterized this environment as one where adversaries are increasingly leveraging AI to automate the development and deployment of attacks, requiring defensive platforms capable of detecting and responding to threats in real time.
Market Performance and Investment Positioning
Both CrowdStrike and Palo Alto Networks have demonstrated strong recent performance, returning 44% and 38%, respectively, over the past month. CrowdStrike is just over 2% away from its closing record high of $557.53 on November 10, 2025, while Palo Alto is less than 3.5% off its October 28, 2025 record close of $221.38. Both stocks are up roughly 16% year-to-date, while the S&P 500 is up about 7.5% year to date.
The pair is bucking the negative performance of the iShares Expanded Tech-Software Sector ETF, which is down nearly 16% in 2026. This divergence reflects market recognition that cybersecurity represents a distinct category within technology—one driven by mission-critical spending requirements rather than discretionary corporate IT budgets.
CrowdStrike's Falcon platform and Charlotte AI offerings around autonomous threat detection and response reinforce its competitive positioning, as does Palo Alto's AI-driven platform strategy and intelligence capabilities. Both companies are positioned to benefit from the structural shift toward AI-enabled threat detection and response systems.
Industry Collaboration and Security Innovation
One month ago, Anthropic launched Project Glasswing, a defensive cybersecurity initiative tied to its Claude Mythos general-purpose cybersecurity-focused AI model. The project brings together CrowdStrike and Palo Alto alongside Amazon, Apple, Broadcom, Alphabet, Microsoft, Nvidia, Cisco Systems, JPMorgan Chase, and the Linux Foundation.
The initiative is designed to help companies use Mythos to identify vulnerabilities and strengthen defenses after Anthropic said the model has already found "thousands of high-severity vulnerabilities." This collaborative approach demonstrates how leading technology companies are mobilizing resources to address the expanded attack surface created by AI proliferation.
CrowdStrike CEO George Kurtz made the case on Mad Money last month that security is foundational to AI adoption. Kurtz said, "You can't have AI without security. We're the experts at it." He added that one of the things holding back AI adoption is AI securitization, and explained that this is why CrowdStrike was chosen to be part of the solution in the Mythos partnership.
This positioning reflects a market reality: as enterprises accelerate AI deployment, the security infrastructure required to protect those systems becomes increasingly sophisticated and expensive. Companies unable to secure their AI environments face not only direct financial risk from breaches but also operational constraints on technology adoption.
Why This Matters:
The emergence of AI-powered attack methodologies has fundamentally altered the cost-benefit analysis for corporate cybersecurity spending. Rather than reducing security expenditures through automation, the proliferation of AI-enabled threats is expanding the scope and sophistication of defensive capabilities required. This dynamic creates a structural tailwind for cybersecurity vendors positioned to deliver real-time threat detection and response at scale. From an investment perspective, the evidence suggests that cybersecurity spending will remain mission-critical and potentially increase as enterprises grapple with expanded attack surfaces. The convergence of industry collaboration—as demonstrated by Project Glasswing—with vendor innovation in AI-driven defense suggests that the market is allocating capital toward solutions addressing genuine operational imperatives rather than speculative technologies. For enterprises, this environment reinforces the necessity of treating cybersecurity as infrastructure investment rather than discretionary spending, with implications for IT budgets, vendor selection, and overall digital risk management strategies.