The integration of Generative AI into the cyber threat landscape is a story of gradual evolution rather than immediate revolution. Moving beyond speculative “super-malware” discourse, current intelligence reveals a nuanced reality: adversaries are maturing and experimenting in lockstep with the industry. This session dissects how state-sponsored APTs and financially motivated actors are using AI to professionalize their operations. We explore how these actors use Large Language Models (LLMs) not to invent entirely novel attack vectors, but to refine the quality, scale, and efficiency of existing tactics like social engineering, malware development, and reconnaissance. By analyzing “in the wild” use cases from 2025 and 2026—including early signs of agentic automation and “just-in-time” code modification—we provide the practical context to track this maturing threat. The goal is to equip defenders with the strategic foresight to outpace an adversary currently learning the market in real-time.
