CyberStrikeAI Tool Breaches FortiGate Devices
An innovative AI-based cybersecurity system named CyberStrikeAI, designed for detecting threats against IoT endpoints such as those managed by Fortinet's FortiGate firewalls, has recently gained significant attention among cybercriminals.
An open-source project originating from an individual linked to Chinese government-affiliated entities has advanced significantly towards utilizing artificial intelligence for cyber warfare purposes.
The CyberStrikeAI project on GitHub describes itself as "an AI-based cybersecurity testing tool developed using Go programming language," featuring integration of more than 100 security applications alongside an advanced automation system.
This tool offers role-specific tests, advanced skill training frameworks, and extensive project oversight tools, all integrated into an easy-to-use central interface.
The tool first drew notice after an investigation conducted by the Amazon Corporate Technology Intelligence unit revealed extensive use of artificial intelligence-enhanced systems against FortiGate hardware on a large scale.
The CyberStrikeAI project serves as an accessible offensive cybersecurity toolkit coded in the Go language, available for public use through its repository titled "Ed1s0nZ" located at GitHub.
The platform claims to be "a native AI security-testing tool developed using Go programming language" and includes more than 100 security applications along with advanced orchestration software, user-defined tests based on roles, tailored skill assessment features, and extensive project tracking functionalities.
The tool includes an online interface for monitoring system conditions and controlling ongoing activities efficiently, greatly reducing the complexity of executing extensive, automated attacks on networks.
Tool Dashboard
The team's examination focused on an individual Internet Protocol (IP) address used by Amazon (212. ). Eleven. Forty-four. The discovery indicated the existence of a "CyberStrikeAI" advertisement displayed on an unsecured network connection. By analyzing worldwide NetFlow information, investigators noted an active communication pattern from this IP address towards specific targets on Fortinet's FortiGate systems, underscoring their function as tools for network surveillance and potential attacks.
Initially set up in November of 2025, the CyberStrikeAI project saw limited deployment activity before mid-2026. Between January 20 and February 26, 2026, investigators observed 21 distinct IP addresses running the CyberStrikeAI software.
Cymru analysis
The swift growth suggests marked increases in operational use. These server locations are geographically clustered around areas where Mandarin is predominantly spoken, such as mainland China, Singapore, and Hong Kong, which reflects their creator's heritage.
Behind CyberStrikeAI stands an individual known as "Ed1s0nZ," who is notorious for developing software aimed at exploiting vulnerabilities and escalating privileges.
Their other notable GitHub repositories include PrivHunterAI and InfiltrateX, tools powered by artificial intelligence for automating the identification of security vulnerabilities, alongside a steganography-based document watermarking solution.
Of greater concern are the developers' recorded communications with individuals affiliated with China's National People's Bureau (NPPS). In December 2025, Ed1s0nZ handed over the CyberStrikeAI project to the Starline Project overseen by KnownSec404, an undisclosed company linked to both MSX entities and China's PLA.
Tool Description
CyberStrikeAI: A cutting-edge AI-powered cybersecurity assessment tool offering over 100 integrable features for advanced threat detection.
PrivHunterAI: A passive method for detecting privilege escalations through AI-powered proxies, utilizing systems like Kimi, DeepSeek, and GPT.
InfiltrateX: Automated privilege escalation vulnerability scanning tool
watermark-tool: Steganography-based invisible document watermarking with extraction support