
Wiz Reveals AI’s Evolution: From Tool to Infrastructure, Expanding Attack Surface

Recent findings from a report by Wiz Inc., a cloud security company under Google LLC, reveal a significant transformation in how artificial intelligence (AI) is utilized in cloud environments. According to the report, titled *The State of AI in the Cloud 2026*, 81% of the analyzed environments are operating with managed AI services, while 90% utilize self-hosted AI software.

This comprehensive report analyzed anonymized configuration metadata, AI asset discovery, and hands-on assessments across hundreds of thousands of cloud environments in 2025. Wiz emphasizes that these figures represent lower-bound estimates and do not fully capture global adoption rates.

Key Findings

The most striking conclusion is that AI has become an integral part of cloud infrastructure rather than a separate consideration. Approximately 63% of organizations are now self-hosting AI models, with 68% of these integrating models through third-party software. Alarmingly, 18% depend solely on such external components, expanding their potential attack surfaces, often without explicit inventory or oversight.

Concentration Risks

The report also sheds light on concentration risk—42% of organizations rely on a single AI model, and fewer than 7% use more than 100 models. Only 21% of organizations manage 10 or more models.

Developer Tools Saturation

In addition, developer tooling has become saturated with AI: AI extensions for integrated development environments (IDEs) are present in at least 80% of organizations. Moreover, 71% have deployed at least one AI copilot, echoing GitHub data that indicates 80% of new developers adopt AI copilots within their first week. This shift has contributed to a 25% year-over-year rise in overall code contributions. Additional research from LogicStar AI AG and ETH Zürich indicates that AI agents are involved in up to 10% of public pull requests.

Security Implications

The report highlights critical security concerns, noting that about 20% of organizations using AI-powered coding platforms have had applications affected by systemic vulnerabilities. Specific examples include Base44 Ltd., where shared generation logic created flaws that allowed unauthorized access, and Moltbook, which lacked adequate safeguards, leaving sensitive data exposed. When AI-generated defaults proliferate, these vulnerabilities can become systemic rather than isolated incidents.

Infrastructure Expansion

Additionally, the report indicates that orchestration infrastructure is expanding faster than security measures. At least 57% of organizations have implemented self-hosted AI agent technologies, and Model Context Protocol (MCP) servers are found in at least 80% of cloud environments. However, only 5% have exposed an MCP server to the public internet.

Wiz documents several incidents linked to this new layer of AI infrastructure. For instance, the Probllama vulnerability, identified by Wiz in 2024 and tracked as CVE-2024-37032, enabled remote code execution on publicly accessible Ollama instances. Moreover, the s1ngularity supply chain attack on the Nx build system abused command-line AI tools from companies like Anthropic PBC, Alphabet Inc., and Amazon.com Inc. to conduct reconnaissance and harvest credentials from compromised systems.

Evolution of Threat Economics

The report illustrates that the economics of exploitation are evolving alongside the adoption of AI. Wiz posits that AI is functioning as both a target and an enabler, shortening exploit development cycles and lowering the requisite skill level rather than creating entirely new categories of attacks.

Wider Adoption Across Sectors

Another key takeaway is that AI adoption now spans regulated industries such as finance, energy, and aerospace. This broader exposure pattern means that AI-related risks are no longer confined to organizations traditionally focused on AI.

Recommendations

The report concludes with a call to action, urging organizations to treat AI as a fundamental aspect of cloud infrastructure rather than an isolated discipline. This involves applying the same asset inventory, configuration review, identity governance, and exposure management practices to AI systems as one would for any other workload.

Wiz’s research team emphasizes that governance should not reside solely within a single innovation team. Instead, it needs to be integrated across cloud security, application security, and data governance functions to accommodate the distributed nature of ownership and transitive components.
