QuiltWorks: CrowdStrike and AWS Against AI-Driven Cloud Attacks
Cloud attacks are on the rise, and attackers are now deploying AI themselves. According to the CrowdStrike 2026 Global Threat Report, cloud-aware attacks have surged by 37 percent, with state-adjacent actors alone driving a 266 percent spike in cloud-aware operations. At the same time, threat actors are targeting AI systems directly, having injected manipulated prompts into GenAI tools across more than 90 organizations. Fitting this narrative is the announcement from June 17, 2026: CrowdStrike is expanding its Project QuiltWorks alliance alongside AWS to harden the cloud attack surface against exactly this frontier AI risk. For security teams, this is a wake-up call, not a blank check.
Key Takeaways
- The threat landscape is intensifying: Cloud-aware attacks up 37 percent, state-adjacent actors up 266 percent, prompt injection targeting 90+ organizations, all according to the CrowdStrike 2026 Global Threat Report.
- QuiltWorks bundles four core components: AI-driven vulnerability scanning, attacker-centric prioritization, remediation via system integrators, and financial backing through cyber insurers.
- An alliance does not replace an internal program: Exposure management, identity governance, and prompt injection defense remain the responsibility of your own team. Delegating everything simply shifts the liability.
How the Threat Landscape Has Shifted
The figures from the CrowdStrike 2026 Global Threat Report reveal a clear pattern. Cloud-aware attackers, who specifically exploit cloud accounts, tokens, and misconfigurations, have become 37 percent more common. Among state-adjacent groups, cloud-aware attacks jumped by 266 percent, primarily for intelligence gathering. The cloud is no longer just infrastructure; it is a deliberate target.
The term cloud-aware is crucial here. These attackers are not looking for traditional server vulnerabilities. Real-world patterns typically involve stolen session tokens, abused OAuth permissions, overly broad roles that allow lateral movement across services, and activity that mimics legitimate API traffic. Endpoint protection on virtual machines catches very little of this, because the attack occurs at the cloud control plane, not the operating system.
The second front is entirely new: AI itself. Attackers are injecting manipulated inputs into GenAI tools and abusing AI development platforms. CrowdStrike alone has identified more than 90 affected organizations. Integrating AI assistants into internal workflows opens an attack surface that traditional vulnerability scanners simply do not monitor. An assistant with read access to internal documents is, at best, a data exfiltration channel wrapped in a chat interface.
What Project QuiltWorks specifically bundles
QuiltWorks is not a single feature, but an alliance. It combines four building blocks that are usually purchased separately. First, CrowdStrike’s AI-based vulnerability detection, which identifies gaps before an attacker can exploit them. Second, an attacker-focused prioritization that highlights the truly dangerous findings from the mass of discoveries.
Third, the remediation itself, which goes through specialized system integrators because finding a vulnerability doesn’t close it. Fourth, financial protection via the cyber insurance industry, which cushions part of the financial risk. With the AWS extension, this chain now extends into the cloud environment where the vulnerabilities actually reside and are exploited.
The practical benefit for a security team lies in continuous responsibility. In practice, vulnerability management often breaks down at handover points: one tool finds, a second prioritizes, a third team fixes, and the insurer learns about gaps that have been open for months only in the event of damage. An alliance that consolidates these handovers reduces exactly the friction on which real programs fail. It does not replace your own strategy, but it takes some of the coordination burden off the organization.
Threat landscape in numbers
- +37%: cloud-aware attacks according to the CrowdStrike 2026 Global Threat Report.
- +266%: cloud-aware attacks by state-affiliated actors.
- 90+: organizations with inserted prompts in GenAI tools.
Why the attack surface is the decisive point
The strategic core of the QuiltWorks extension lies in the term attack surface. Frontier AI risk becomes real precisely where vulnerable systems are located and accessible over the network. An AI that finds vulnerabilities faster helps the defender only if the findings are also closed. The alliance closes exactly this gap between detection and remediation by including remediation and financial protection in the chain.
From an operational perspective, this is a reasonable approach. Most teams do not drown in a lack of insights, but in unprocessed findings. A model that lengthens the list without accelerating remediation merely shifts the problem. QuiltWorks addresses the order in which actions are taken, and that is often more important in daily operations than another detection tool.
The AI component shifts the pace on both sides. Attackers use models to find vulnerabilities faster and automate attacks, defenders use them to spot the same gaps earlier. Whoever only detects but does not fix in this race loses time they don’t have. That’s why the coupling of AI findings and fast remediation is the real progress, not detection alone. For a security team, this means honestly measuring their Mean-Time-to-Remediate and making it a central key performance indicator.
What Security Teams Must Do Themselves
An alliance like QuiltWorks reduces the effort, but it does not take away the fundamentals. Three points remain the responsibility of your own team. First, honest exposure management: those who do not know their cloud accounts, tokens, and permissions cannot make use of even the best prioritization. Second, identities, because most cloud-aware attacks run through valid access, not through spectacular exploits.
Third, defending against prompt injection. An AI assistant with access to internal data holds privileged access and should be treated accordingly. Specifically, this means: narrow the assistant's tool permissions, limit retrieval access to shared sources, enforce a policy between the model and sensitive actions, isolate risky tools, and log every action for audit. Observing only inputs and outputs is not enough.
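A minimal sketch of the policy layer between the model and its tools described above, as an added example that is not CrowdStrike, AWS or QuiltWorks code. The tool names, source names and the `ToolGate` class are hypothetical; tool isolation is outside its scope.

```python
from dataclasses import dataclass, field

# Constructed policy for a hypothetical assistant; tool and source names are illustrative.
# "sources": retrieval sources the tool may read (None = tool reads nothing).
# "sensitive": the action has side effects and needs a named human approver.
POLICY = {
    "search_docs": {"sources": {"wiki", "handbook"}, "sensitive": False},
    "send_email": {"sources": None, "sensitive": True},
}

@dataclass
class ToolGate:
    policy: dict
    audit_log: list = field(default_factory=list)

    def authorize(self, session, tool, args, approved_by=None):
        """Decide on one model-requested tool call and record the decision."""
        rule = self.policy.get(tool)
        if rule is None:
            decision, reason = "deny", "tool not on allowlist"
        elif rule["sources"] is not None and args.get("source") not in rule["sources"]:
            decision, reason = "deny", "retrieval source out of scope"
        elif rule["sensitive"] and not approved_by:
            decision, reason = "hold", "sensitive action needs human approval"
        else:
            decision, reason = "allow", "within policy"
        # Log every decision, including denials; argument names only, to keep
        # sensitive values out of the audit trail.
        self.audit_log.append({"seq": len(self.audit_log) + 1, "session": session,
                               "tool": tool, "arg_names": sorted(args),
                               "approved_by": approved_by,
                               "decision": decision, "reason": reason})
        return decision

def demo():
    """Run five constructed tool requests through the gate."""
    gate = ToolGate(POLICY)
    requests = [
        ("search_docs", {"source": "wiki", "query": "vpn setup"}, None),
        ("search_docs", {"source": "hr_records", "query": "salaries"}, None),
        ("delete_file", {"path": "/tmp/report"}, None),
        ("send_email", {"to": "partner@example.com"}, None),
        ("send_email", {"to": "partner@example.com"}, "alice"),
    ]
    decisions = [gate.authorize("sess-1", t, a, by) for t, a, by in requests]
    return decisions, gate.audit_log
```

The gate decides on the requested action, not on the prompt text, so it holds even when an injected instruction reaches the model.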
And there is a fourth point that is often forgotten: visibility at the control level. Those who do not centrally collect and analyze cloud audit logs will only notice a token-based attack when the data has already flowed out. An alliance can prioritize findings, but it does not replace your own telemetry. These four points are uncomfortable because they demand discipline rather than purchasing. Those who treat KMS keys and service accounts as dropdowns either have not experienced an audit yet or have a poor one.
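One check that centrally collected audit logs make possible, as an added example that is not from the report or the alliance: flag temporary credentials that show up from a second client IP. The records are constructed and use CloudTrail's field names; the key IDs, addresses and the `session_key_reuse` function are assumptions.

```python
from collections import defaultdict

def ev(time, name, ip, key):
    """Build one constructed record using CloudTrail's field names."""
    return {"eventTime": time, "eventName": name, "sourceIPAddress": ip,
            "userIdentity": {"accessKeyId": key}}

# Constructed sample events; key IDs and addresses are made up.
EVENTS = [
    ev("2026-06-17T09:00:05Z", "ListBuckets", "198.51.100.10", "ASIAEXAMPLE0000000001"),
    ev("2026-06-17T09:01:10Z", "GetObject", "s3.amazonaws.com", "ASIAEXAMPLE0000000001"),
    ev("2026-06-17T09:07:42Z", "GetSecretValue", "203.0.113.77", "ASIAEXAMPLE0000000001"),
    ev("2026-06-17T09:08:03Z", "ListUsers", "203.0.113.77", "ASIAEXAMPLE0000000001"),
    ev("2026-06-17T09:02:00Z", "DescribeInstances", "198.51.100.20", "ASIAEXAMPLE0000000002"),
    ev("2026-06-17T09:03:00Z", "PutObject", "192.0.2.5", "AKIAEXAMPLE0000000003"),
    ev("2026-06-17T09:09:00Z", "PutObject", "192.0.2.9", "AKIAEXAMPLE0000000003"),
]

def session_key_reuse(events):
    """Flag temporary credentials (ASIA key IDs) used from more than one client IP."""
    first_ip = {}
    later = defaultdict(list)
    for e in sorted(events, key=lambda e: e["eventTime"]):
        key = e.get("userIdentity", {}).get("accessKeyId", "")
        ip = e.get("sourceIPAddress", "")
        # Skip long-term keys and calls AWS services make on the principal's behalf,
        # which CloudTrail records with a service DNS name instead of an IP.
        if not key.startswith("ASIA") or ip.endswith(".amazonaws.com"):
            continue
        if first_ip.setdefault(key, ip) != ip:
            later[key].append((e["eventTime"], ip, e["eventName"]))
    return [{"accessKeyId": k, "first_ip": first_ip[k], "other_ip_calls": v}
            for k, v in sorted(later.items())]

if __name__ == "__main__":
    for finding in session_key_reuse(EVENTS):
        print(finding)
```

Legitimate address changes (NAT pools, roaming clients) will also match, so treat a hit as a lead to review against known egress ranges rather than as a verdict.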
Frequently Asked Questions
What is Project QuiltWorks?
An alliance initiated by CrowdStrike that connects AI-driven vulnerability discovery, attacker-oriented prioritization, remediation via system integrators, and financial protection via cyber insurers. The extension from June 17, 2026, brings AWS and thus the cloud environment into the chain.
What does the AWS extension mean concretely?
The chain of detecting, prioritizing, fixing, and securing now extends into the cloud workloads where the vulnerabilities actually reside. Thus, the alliance addresses the attack surface where Frontier AI risk becomes real.
Which numbers demonstrate the growing threat?
According to the CrowdStrike 2026 Global Threat Report, cloud-aware attacks have increased by 37 percent, by 266 percent among state-aligned actors, and more than 90 organizations had manipulated prompts injected into GenAI tools.
Does such an alliance replace your own security program?
No. Exposure management, identity security, and defending against prompt injection remain the responsibility of your own team. An alliance reduces the effort, but does not shift the responsibility.
What is the most important immediate action?
An honest inventory of cloud identities and permissions. Most cloud-aware attacks run through valid access, so control over accounts and tokens is the foundation of any further measure.
Image source: AI-generated (June 2026)