The AI arms race: The explosive growth of chatbots, large language models, and other AI technologies is reshaping cybersecurity on both sides of the fence. While hackers are already exploiting AI to their advantage, defenders must rapidly adapt to keep pace and prevent escalating damage.

Threat analysts say cybercriminals and hackers backed by adversarial nations now routinely employ chatbots and large language models for hacking. Meanwhile, security teams are using the same AI tools to detect vulnerabilities and block attacks before they can cause damage.
A recent report from Ukrainian authorities and security researchers confirms that the AI arms race is in full swing. In July, Russian cyber-spies from the APT28 group distributed Lamehug, the first publicly documented AI-powered malware. The campaign invoked a large language model through the Hugging Face API, converting human-readable prompts into complex tasks executed on infected PCs.
Google's Vice President of Security Engineering Heather Adkins says LLMs help the company identify security vulnerabilities in widely used software products. So far, the Gemini LLM has uncovered at least 20 significant bugs, and Google has shared the findings with the affected vendors.
"It's the beginning of the beginning. Maybe moving towards the middle of the beginning," Adkins told NBC News.

Technologies powered by AI haven't yet produced revolutionary results in cybersecurity, but large language models are proving helpful in automating tasks that human analysts already perform. They can accelerate the bug-finding process, making vulnerability detection faster and more efficient, even if they don't replace human expertise.
Cybersecurity firm CrowdStrike warned that black hat hackers and foreign spies are already leveraging AI. The company has observed growing evidence that Chinese, Russian, and Iranian hackers are deploying chatbots and large language models for malicious purposes.
Despite investing hundreds of billions of dollars into agentic AI, Big Tech and startups have yet to deliver meaningful or profitable solutions. However, the technology has matured enough that hackers can begin automating and iterating more complex tasks, already generating profits from the advancements that companies are still struggling to monetize.
The growing role of artificial intelligence in cybersecurity brings both risk and opportunity, but there is reason for optimism. Alexei Bulazel, senior cyber director at the White House National Security Council, says AI will ultimately favor defenders over offenders. He notes that AI excels at democratizing access to vulnerability information and spotting routine bugs, giving security teams a valuable edge.
Hackers are embracing AI-powered malware as security teams counter with their own AI