#FactCheck: AI-Generated Photo Shared to Claim Boycott of Hindu Sammelan

Executive Summary:

A circulating picture which is said to be of United States President Joe Biden wearing military uniform during a meeting with military officials has been found out to be AI-generated. This viral image however falsely claims to show President Biden authorizing US military action in the Middle East. The Cyberpeace Research Team has identified that the photo is generated by generative AI and not real. Multiple visual discrepancies in the picture mark it as a product of AI.

Claims:

A viral image claiming to be US President Joe Biden wearing a military outfit during a meeting with military officials has been created using artificial intelligence. This picture is being shared on social media with the false claim that it is of President Biden convening to authorize the use of the US military in the Middle East.

Similar Post:

‍

Fact Check:

CyberPeace Research Team discovered that the photo of US President Joe Biden in a military uniform at a meeting with military officials was made using generative-AI and is not authentic. There are some obvious visual differences that plainly suggest this is an AI-generated shot.

‍

Firstly, the eyes of US President Joe Biden are full black, secondly the military officials face is blended, thirdly the phone is standing without any support.

We then put the image in Image AI Detection tool

‍

‍

The tool predicted 4% human and 96% AI, Which tells that it’s a deep fake content.

Let’s do it with another tool named Hive Detector.

‍

‍

Hive Detector predicted to be as 100% AI Detected, Which likely to be a Deep Fake Content.

Conclusion:

Thus, the growth of AI-produced content is a challenge in determining fact from fiction, particularly in the sphere of social media. In the case of the fake photo supposedly showing President Joe Biden, the need for critical thinking and verification of information online is emphasized. With technology constantly evolving, it is of great importance that people be watchful and use verified sources to fight the spread of disinformation. Furthermore, initiatives to make people aware of the existence and impact of AI-produced content should be undertaken in order to promote a more aware and digitally literate society.

• Claim: A circulating picture which is said to be of United States President Joe Biden wearing military uniform during a meeting with military officials
• Claimed on: X
• Fact Check: Fake

‍

Executive Summary:

A video of actor Salman Khan is being widely shared on social media with the claim that he posted a special video on the occasion of Eid. However, a research by the CyberPeace found the claim to be misleading. The viral video is not recent but dates back to 2019. Meanwhile, Salman Khan did share a different video with his family this year.

‍

Claim:

‍

On Facebook, a user shared the viral video on March 21, 2026, with the caption ,“Salman Khan shared a special video on Eid.”

‍

Post link and archive link:

• https://www.facebook.com/reel/1475246294064541 
• https://archive.ph/arWFn 

‍

‍

‍

Fact Check

‍

To verify the claim, we examined Salman Khan’s social media accounts. On his Instagram handle, we found a video posted on March 21, 2026, in which he is seen greeting fans from a bulletproof balcony along with his family on the occasion of Eid.
‍

• https://www.instagram.com/p/DWJiHiliE-W/ 

‍

‍

This video is completely different from the viral clip and has no connection to it. Further, we extracted keyframes from the viral video and conducted a reverse image search using Google Lens. During the research, we found the same video on Salman Khan’s Instagram account, where it was originally posted on June 5, 2019.

‍

Post link:
‍

https://www.instagram.com/p/ByVMS6alo76/?igsh=MTA3ZDBqdGlidmRhMQ%3D%3D 
‍

‍

Conclusion:

‍

The viral claim is misleading. The video being shared is not recent but from 2019. Salman Khan did share a video this year, but it is different from the one going viral.

‍

Introduction

The advent of frontier AI has significantly widened the range of actors who can launch cyberattacks, extending beyond state actors with immense capabilities or organized professional cybercriminal rings. In its most critical advisory, CIAD-2026-0020, titled "Defending against frontier AI-driven cyber risks," which was released on April 26, 2026, the Indian Computer Emergency Response Team (CERT-In) officially stated that AI can now carry out autonomous cyber activities of unprecedented scale and speed. The advisory highlights that these frontier AI models can perform automated reconnaissance, phishing, malware creation, vulnerability identification, and social engineering with minimal human involvement, thus "lowering the barrier to orchestrating complex cyber attacks." The risks that such AI models pose are not restricted to state actors and corporate entities anymore and also extend to MSMEs, public organizations, and individuals.

‍

India’s Escalating Cybercrisis

The Indian digital economy has been developing at a very fast pace, but the same cannot be said about its cybersecurity. Having a base of over 850 million internet users and a digital payment sector that records a massive 22,495 crore in monthly transaction volumes, coupled with the fastest-growing cloud sector in the world, India continues to remain a lucrative prey for cybercriminals. There were over 265 million attempts reported in the last year, 2025, alone, where close to 46% of all incidents detected were in enterprises with fewer than 1,000 employees, a very grave reality for MSMEs. MHA confirmed there were 28.15 lakh reported cybercrime complaints in 2025 as compared to 2024, with a jump of 24%. In this worsening environment the advisory is a breakthrough in Indian cyber governance. Where previously advisories covered only conventional threats like phishing and malware, the new warning names frontier agentic AI systems as autonomous multipliers of threats, capable of conducting operations at scale and speed with significantly reduced human oversight.

‍

What is “Frontier AI” and why does it matter?

CERT-In’s decision to adopt the term "Frontier AI" is deliberate and meaningful. The advisory’s scope is a new category of agentic AI, which moves well beyond traditional chatbot-style AI, having the capacity to reason, plan, perform multiple actions in a single task autonomously, and carry out complicated tasks with minimal or no human guidance. CERT-In highlights that these tools now possess the capabilities that were "previously carried out by a coordinated team of skilled cybersecurity professionals." The advisory clearly flags the risk that these advanced models have the capability to generate malicious code, conduct network scans, probe systems for vulnerabilities, and even orchestrate intricate multi-stage cyberattacks in a single session. Their capacity to analyse a vast number of source code libraries to identify vulnerabilities, even unknown zero-day ones, and then develop proof-of-concept exploits at high speed. This means that the historical lead time to turn a vulnerability discovery into an exploit tool has reduced from weeks to just hours.

‍

Six Core Threat Vectors identified by CERT-In

1. AI-driven Automatic Zero-Day Discovery: AI-based solutions discover zero-day vulnerabilities and automatically create exploits in minutes, reducing the time taken by defenders.
2. AI-driven Autonomous Reconnaissance: AI-driven agents scan cloud infra, APIs, and enterprise networks and outline attack vectors.
3. AI-driven phishing & deepfakes: Multilingual, highly targeted phishing emails, deepfake audio, and deepfake voice/video calls bring sophistication to social engineering.
4. Deepfake Financial Fraud: AI creates deepfake executives for high-value money transfers. For example, reports have indicated crore-level fund loss cases in India.
5. AI-powered Autonomous Attack Chains: Advanced AI models are able to automatically perform multiple malicious stages like privilege escalation, lateral movement, data exfiltration, and data extraction.
6. Cascading failures of interconnected systems: A single AI-supported security breach can have catastrophic domino effects on connected digital systems and critical infrastructures.

‍

Why are MSMEs a target?

CERT-In’s warning is specifically targeted toward the weakness of the Indian MSMEs. Contributing almost 30% to India's GDP and employing over 110 million individuals, most MSMEs have failed to adequately prepare themselves against contemporary cyber threats. While a large corporation would have a full-time cybersecurity team, a security operation centre, and frequent vulnerability assessments, the majority of MSMEs lack such infrastructure due to budget constraints, out-of-date software, etc. This lack of security has proved to be quite disadvantageous for smaller businesses, as India was identified as one of the top global targets for cyberattacks, where approximately 46% of the total breaches worldwide targeted organizations having fewer than 1000 employees. The advisory claims that frontier AI systems have significantly increased the threats, for the skills necessary to carry out advanced cyberattacks have dramatically decreased. Ransomware, phishing and data exfiltration can be executed by even unsophisticated attackers. The aftermath could result in critical financial, operational, and compliance impact on these MSMEs.

‍

The Global Context

These developments seem to validate CERT-In's warning about threats posed by frontier AI. In its 2026 State of Cybersecurity Report, ISACA listed AI-related threats as the top concern of cybersecurity professionals; 61% of those surveyed reported generative AI/large language models as the top technology trend impacting cyber risk. Worryingly, in 2026 only 7% were confident in their organizations' defenses against ransomware. Check Point Software's Cyber Security Report 2026 corroborates this; in 2025 the report stated that in a single year, the trend of combined social engineering-based campaigns with automated operational execution has risen considerably. In all phases of the lifecycle of a cyberattack reconnaissance, social engineering, and tactical decision-making AI is being applied. KPMG is warning of deepfake-enabled fraud now "spreading at a faster rate than that experienced at the beginning of the phishing era, which is currently still the leading type of attack in the world."

‍

CERT-In Recommendations

‍

For Large Organisations:

‍

1. The use of security monitoring, threat detection, and log analysis should be increased.
2. DDoS protection systems and multi-factor authentication (MFA) should be implemented on all internet-facing devices and assets.
3. Critical security patches should be installed within 24 hours of release.
4. Old VPN and remote-access infrastructure should be updated or replaced.
5. AI-driven cyber drills and incident response simulations should be regularly performed.

‍For MSMEs:

‍

1. Software and security updates should be automatically enabled on all devices and systems.
2. MFA should be enabled on organisational accounts and sensitive platforms.
3. MSMEs should utilize MSSPs for specialized support and monitoring.
4. Detailed inventories of IT assets and system logs should be kept for fast incident response.
5. Staff should be educated about identifying AI-generated phishing, deepfakes, and scams.

‍

For Individuals:

‍

• Independent communication channels should be used to verify any dubious message or money request.
• Software from unverified sources or unauthorised channels should not be downloaded.
• The use of strong and unique passwords along with MFA wherever possible should be enforced.

‍

From Advisory to Action

The May 2026 cybersecurity road map released by CERT-In signals a departure from identification of threats to enabling operations against frontier AI-led cyber threat landscapes. This initiative builds on their April advice and delineates a clearly articulated three-phase roadmap comprising immediate cyber readiness, AI governance controls, and deep integration of AI-driven defenses. It also provides for the establishment of a focused AI Cyber Defense Center and various multisector governance provisions. A prominent area is the increased threat of impersonation via deepfakes, and companies are encouraged to institute executive verification procedures prior to approving high-value transactions. The framework also emphasizes the establishment of an AI asset register requiring formal accounting and governance of all AI systems utilized in an enterprise. Meanwhile, CERT-In also recognizes the twin-use nature of frontier AI: for every threat, the same technology can bolster security with automated threat detection, phishing, and log analysis in real time.  However, the deployment of state-of-the-art defenses is uneven, especially with MSMEs, where there isn’t the requisite domain expertise and funding for this infrastructure. Accordingly, the road map puts the emphasis on immediate and stronger cyber hygiene, compulsory incident reporting, enhancing AI literacy, and proper implementation of the Digital Personal Data Protection Act for long-term security investment and resilience.

‍

Conclusion

The CERT-In advisory CIAD-2026-0020 signifies a vital acknowledgment of AI's transformational impact on the cybersecurity ecosystem. Capabilities formerly exclusive to elite state actors are being deployed by low-skilled users, leveraging state-of-the-art frontier AI tools. India’s MSMEs, enterprises, and digital citizens are experiencing a rapidly accelerating threat milieu. In this context, the CERT-In advisory and the ensuing blueprint can no longer be dismissed as ordinary government pronouncements but as critical operational imperatives. It is the country’s ability over the next few years to shore up its collective cyber resilience to the ever-increasing scale and sophistication of AI-powered attacks that will prove crucial.

‍

References:

1. https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2026-0020
2. https://www.zeebiz.com/technology/news-cert-in-flags-high-severity-ai-cyber-risks-amid-claude-mythos-concerns-394448
3. https://www.business-standard.com/technology/tech-news/cert-in-warning-ai-scams-frontier-models-mythos-gpt-5-5-what-it-means-126042800988_1.html
4. https://www.businesswire.com/news/home/20251020612551/en/
5. https://corporate.indiamart.com/2025/07/29/staying-ahead-of-cyber-threats/
6. https://kpmg.com/kpmg-us/content/dam/kpmg/pdf/2025/deepfakes-real-threat.pdf

‍